CompTIA CAS-004 Online Practice Questions and Exam Preparation

CompTIA CAS-004 Online Questions & Answers

• Question 701:

  Which of the following best explain why organizations prefer to utilize code that is digitally signed? (Choose two)

  A. It provides origin assurance.
  B. It verifies integrity.
  C. It provides increased confidentiality.
  D. It integrates with DRMs.
  E. It verifies the recipient's identity.
  F. It ensures the code is free of malware.
  A. It provides origin assurance.
  B. It verifies integrity.

  ---

  Explanation

  Option A (Origin assurance): Digital signatures ensure that the code originates from a trusted source.

  Option B (Integrity verification): Digital signatures verify that the code has not been tampered with since it was signed.

  Option C (Confidentiality): Digital signatures do not provide encryption or confidentiality.

  Option D (DRMs): Digital signatures are not specifically related to Digital Rights Management.

  Option E (Recipient verification): Digital signatures validate the sender, not the recipient.

  Option F (Free of malware): While digital signatures verify integrity, they cannot guarantee that the code is free of malware.

  References:

  CompTIA CASP+ Exam Objective 2.1: Implement cryptographic solutions to protect application integrity. CASP+ Study Guide, 5th Edition, Chapter 9, Digital Signatures and Code Signing.

• Question 702:

  A company is losing hundreds of mobile devices each year due to insider theft. The company wants to prevent these devices from functioning off-site to deter theft, but does not want to prevent the reuse of a device the next day if a device was accidentally taken off-site.

  Which of the following would best solve this issue?

  A. Remote wipe any device taken off-site.
  B. Implement full device encryption.
  C. Create a geofence around the warehouse.
  D. Enable location services to monitor the mobile devices.
  C. Create a geofence around the warehouse.

  ---

  Explanation

  "Geofencing capabilities in a mobile device management (MDM) solution allow administrators to define a virtual perimeter based on GPS or network identifiers around a physical location. Devices that exit the geofence can be automatically restricted or disabled, preventing them from functioning outside the approved area, and will automatically resume normal operation once they re-enter the perimeter. This approach deters unauthorized removal while allowing legitimate, temporary off-site use (for example, if a device is accidentally taken home and returned)."

  CompTIA CASP+ Official Study Guide, Third Edition, Chapter 5: Mobile Device Security, p. 278. "Implement geofencing as part of an enterprise MDM strategy to enforce location-based access controls. Unlike encryption or simple location monitoring, it enforces a policy that directly blocks functionality outside authorized zones."

  Unlike remote wipe-which is irreversible-geofencing ensures devices remain usable when returned.

  CompTIA CASP+ CAS-004 Exam Objectives (v7.1), Section 4.3: Mobile Device Management, p. 26. By configuring a geofence around the warehouse, the company ensures that mobile devices become non-functional if removed beyond the defined boundary, yet automatically restore full functionality when brought back, effectively deterring theft without risking permanent data loss or requiring user intervention.

  References:

  CompTIA CASP+ Official Study Guide, Third Edition, Chapter 5: Mobile Device Security, p. 278

  CompTIA CASP+ CAS-004 Exam Objectives (v7.1), Section 4.3: Mobile Device Management, p. 26

• Question 703:

  Recently, two large engineering companies in the same line of business decided to approach cyberthreats in a united way. Which of the following best describes this unified approach?

  A. NDA
  B. ISA
  C. SLA
  D. MOU
  D. MOU

  ---

  Explanation

  Given the scenario of two large engineering companies joining forces to address cyberthreats in a united way, the most fitting description of their approach is a Memorandum of Understanding (MOU). This document formalizes their agreement to cooperate on cybersecurity matters, outlining their shared objectives, responsibilities, and possibly the methods they will use to collaborate effectively in combating cyber threats.

• Question 704:

  A security engineer is trying to identify instances of a vulnerability in an internally developed line of business software. The software is hosted at the company's internal data center. Although a standard vulnerability definition does not exist, the identification and remediation results should be tracked in the company's vulnerability management system. Which of the following should the engineer use to identify this vulnerability?

  A. SIEM
  B. CASB
  C. SCAP
  D. OVAL
  D. OVAL

  ---

  Explanation

  OVAL is an international information security community standard to promote open and publicly available security content and to standardize the transfer of this information across the entire spectrum of security tools and services. It can be used to create custom definitions for vulnerabilities that are specific to the organization's internally developed software.

• Question 705:

  A penetration tester is on an active engagement and has access to a remote system. The penetration tester wants to bypass the DLP, which is blocking emails that are encrypted or contain sensitive company information. Which of the following cryptographic techniques should the penetration tester use?

  A. GNU Privacy Guard
  B. UUencoding
  C. DNSCrypt
  D. Steganography
  D. Steganography

  ---

  Explanation

• Question 706:

  Within change management, which of the following ensures functions are earned out by multiple employees?

  A. Least privilege
  B. Mandatory vacation
  C. Separation of duties
  D. Job rotation
  C. Separation of duties

  ---

  Explanation

  https://www aihr com/bloa/job-rotation/

• Question 707:

  An organization is designing a network architecture that must meet the following requirements:

  1.Users will only be able to access predefined services.

  2.Each user will have a unique allow list defined for access.

  3.The system will construct one-to-one subject/object access paths dynamically.

  Which of the following architectural designs should the organization use to meet these requirements?

  A. Peer-to-peer secure communications enabled by mobile applications
  B. Proxied application data connections enabled by API gateways
  C. Microsegmentation enabled by software-defined networking
  D. VLANs enabled by network infrastructure devices
  C. Microsegmentation enabled by software-defined networking

  ---

  Explanation

• Question 708:

  An investigator is attempting to determine if recent data breaches may be due to issues with a company's web server that offers news subscription services. The investigator has gathered the following data:

  1.Clients successfully establish TLS connections to web services provided by the server.

  2.After establishing the connections, most client connections are renegotiated.

  3.The renegotiated sessions use cipher suite TLS_RSA_WITH_NULL_SHA. Which of the following is the MOST likely root cause?

  A. The clients disallow the use of modem cipher suites.
  B. The web server is misconfigured to support HTTP/1.1
  C. A ransomware payload dropper has been installed.
  D. An entity is performing downgrade attacks on path.
  D. An entity is performing downgrade attacks on path.

  ---

  Explanation

• Question 709:

  An analyst determined that the current process for manually handling phishing attacks within the company is ineffective. The analyst is developing a new process to ensure phishing attempts are handled internally in an appropriate and timely manner. One of the analyst's requirements is that a blocklist be updated automatically when phishing attempts are identified. Which of the following would help satisfy this requirement?

  A. SOAR
  B. MSSP
  C. Containerization
  D. Virtualization
  E. MDR deployment
  A. SOAR

  ---

  Explanation

  To automate the process of handling phishing attempts and updating blocklists, the best solution is to implement SOAR (Security Orchestration, Automation, and Response). SOAR platforms allow organizations to define automated workflows for responding to security incidents, such as phishing attacks. In this case, SOAR can automate the identification of phishing attempts and update blocklists in real-time, improving response time and consistency. MSSP (Managed Security Service Provider) and MDR (Managed Detection and Response) are outsourced services that do not directly address the need for automation, and containerization and virtualization are unrelated to incident handling. CASP+ emphasizes the value of automation in streamlining security operations and improving response times to threats.

• Question 710:

  A CRM company leverages a CSP PaaS service to host and publish its SaaS product. Recently, a large customer requested that all infrastructure components must meet strict regulatory requirements, including configuration management, patch management, and life-cycle management.

  Which of the following organizations is responsible for ensuring those regulatory requirements are met?

  A. The CRM company
  B. The CRM company's customer
  C. The CSP
  D. The regulatory body
  C. The CSP