CompTIA CAS-004 Online Practice
Questions and Exam Preparation
CAS-004 Exam Details
Exam Code
:CAS-004
Exam Name
:CompTIA Advanced Security Practitioner (CASP+)
Certification
:CompTIA Certifications
Vendor
:CompTIA
Total Questions
:792 Q&As
Last Updated
:Jul 09, 2026
CompTIA CAS-004 Online Questions &
Answers
Question 741:
A software developer was just informed by the security team that the company's product has several vulnerabilities. Most of these vulnerabilities were traced to code the developer did not write. The developer does not recognize some of the code, as it was in the software before the developer started on the program and is not tracked for licensing purposes. Which of the following would the developer MOST likely do to mitigate the risks and prevent further issues like these from occurring?
A. Perform supply chain analysis and require third-party suppliers to implement vulnerability management programs. B. Perform software composition analysis and remediate vulnerabilities found in the software. C. Perform reverse engineering on the code and rewrite the code in a more secure manner. D. Perform fuzz testing and implement DAST in the code repositories to find vulnerabilities prior to deployment.
B. Perform software composition analysis and remediate vulnerabilities found in the software.
Explanation
Question 742:
A Chief Information Officer (CIO) wants to implement a cloud solution that will satisfy the following requirements:
1.Support all phases of the SDLC.
2.Use tailored website portal software.
3.Allow the company to build and use its own gateway software.
4.Utilize its own data management platform.
5.Continue using agent-based security tools.
Which of the following cloud-computing models should the CIO implement?
A. SaaS B. PaaS C. MaaS D. IaaS
D. IaaS
Explanation
Infrastructure as a Service (IaaS) provides the most flexibility and control, allowing the company to:
1. Support the full Software Development Life Cycle (SDLC)
2. Use custom portal software
3. Build and deploy its own gateway and data management platforms
4. Continue using agent-based security tools, which typically require deeper system-level access
IaaS delivers compute, storage, and networking resources, making it the only model that meets all the specified requirements.
Question 743:
An attacker infiltrated the code base of a hardware manufacturer and inserted malware before the code was compiled. The malicious code is now running at the hardware level across a number of industries and sectors.
Which of the following categories BEST describes this type of vendor risk?
A. SDLC attack B. Side-load attack C. Remote code signing D. Supply chain attack
D. Supply chain attack
Explanation
Question 744:
A security analyst is investigating unapproved cloud services that are being used in the organization. Which of the following would best allow for discovery of shadow IT?
A. Monitoring for sign-up emails of cloud services B. Centralizing WAF deployment in the data center C. Setting up a reverse proxy and web filtering software D. Performing attack surface analysis
C. Setting up a reverse proxy and web filtering software
Explanation
A reverse proxy and web filtering software can help monitor and control outbound web traffic. By inspecting the traffic, these tools can identify and log connections to cloud services that are not officially sanctioned by the organization. This allows the security analyst to discover and assess unapproved cloud services being accessed by users.
Question 745:
Due to adverse events, a medium-sized corporation suffered a major operational disruption that caused its servers to crash and experience a major power outage. Which of the following should be created to prevent this type of issue in the future?
A. SLA B. BIA C. BCM D. BCP E. RTO
D. BCP
Explanation
Question 746:
The email administrator must reduce the number of phishing emails by utilizing more appropriate security controls. The following configurations already are in place:
1.Keyword blocking based on word lists
2.URL rewnting and protection
3.Stopping executable files from messages
Which of the following is the BEST configuration change for the administrator to make?
A. Configure more robust word lists for blocking suspicious emails B. Configure appropriate regular expression rules per suspicious email received C. Configure Bayesian filtering to block suspicious inbound email D. Configure the mail gateway to strip any attachments.
B. Configure appropriate regular expression rules per suspicious email received
An application server was recently upgraded to prefer TLS 1.3, and now users are unable to connect their clients to the server. Attempts to reproduce the error are confirmed, and clients are reporting the following:
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
Which of the following is MOST likely the root cause?
A. The client application is testing PFS. B. The client application is configured to use ECDHE. C. The client application is configured to use RC4. D. The client application is configured to use AES-256 in GCM.
C. The client application is configured to use RC4.
A security engineer is assessing a legacy server and needs to determine if FTP is running and on which port. The service cannot be turned off, as it would impact a critical application's ability to function. Which of the following commands would provide the information necessary to create a firewall rule to prevent that service from being exploited?
A. service --status-all | grep ftpd B. chkconfig --list C. netstat --tulpn D. systemctl list-unit-file --type service ftpd E. service ftpd status
C. netstat --tulpn
Explanation
-t : Display TCP connections.
-u : Display UDP connections.
-l : Display listening socket (services).
-p : Display the process associated with the service.
-n : Display numerical addresses instead of resolving hostnames.
The output of this command will show all active network connections and listening ports along with the associated processes. You can then identify if FTP is running and on which port.
Question 749:
The Chief information Officer (CIO) of a large bank, which uses multiple third-party organizations to deliver a service, is concerned about the handling and security of customer data by the parties.
Which of the following should be implemented to BEST manage the risk?
A. Establish a review committee that assesses the importance of suppliers and ranks them according to contract renewals. At the time of contract renewal, incorporate designs and operational controls into the contracts and a right-to-audit clause. Regularly assess the supplier's post-contract renewal with a dedicated risk management team. B. Establish a team using members from first line risk, the business unit, and vendor management to assess only design security controls of all suppliers. Store findings from the reviews in a database for all other business units and risk teams to reference. C. Establish an audit program that regularly reviews all suppliers regardless of the data they access, how they access the data, and the type of data, Review all design and operational controls based on best practice standard and report the finding back to upper management. D. Establish a governance program that rates suppliers based on their access to data, the type of data, and how they access the data Assign key controls that are reviewed and managed based on the supplier's rating. Report finding units that rely on the suppliers and the various risk teams.
D. Establish a governance program that rates suppliers based on their access to data, the type of data, and how they access the data Assign key controls that are reviewed and managed based on the supplier's rating. Report finding units that rely on the suppliers and the various risk teams.
Explanation
Question 750:
Which of the following is a risk associated with SDN?
A. Expanded attack surface B. Increased hardware management costs C. Reduced visibility of scaling capabilities D. New firmware vulnerabilities
A. Expanded attack surface
Explanation
A risk associated with SDN is the expanded attack surface that it introduces. SDN is a network architecture that decouples the control plane from the data plane, allowing centralized and programmable management of network devices and traffic. However, this also exposes new attack vectors and vulnerabilities that can compromise the security and performance of the network. For example, an attacker can target the SDN controller, which is the core component that communicates with and controls the network devices. A successful attack on the SDN controller can result in denial of service, unauthorized access, data leakage, or network hijacking. An attacker can also exploit the communication channels between the SDN controller and the network devices, such as the OpenFlow protocol, to intercept, modify, or inject malicious messages or commands. Additionally, an attacker can leverage malicious or compromised applications that run on top of the SDN controller to manipulate or disrupt the network behavior. Verified
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only CompTIA exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your CAS-004 exam preparations
and CompTIA certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.