CAS-004 Exam Details

  • Exam Code
    :CAS-004
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP+)
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :792 Q&As
  • Last Updated
    :Jul 09, 2026

CompTIA CAS-004 Online Questions & Answers

  • Question 81:

    A recent batch of bug bounty findings indicates a systematic issue related to directory traversal. A security engineer needs to prevent flawed code from being deployed into production. Which of the following is the best mitigation strategy for the engineer?

    A. Setting up secure development training with a focus on filesystem access issues
    B. Implementing static code analysis testing into the CI/CD pipeline and blocking based on findings
    C. Using a software composition analysis tool to look for directory traversal issues in the application
    D. Developing a secure library for filesystem access and blocking builds that do not use the library
    E. Leveraging a dynamic application security testing tool to uncover issues related to directory traversal

  • Question 82:

    An organization is considering a BYOD standard to support remote working. The first iteration of the solution will utilize only approved collaboration applications and the ability to move corporate data between those applications. The security team has concerns about the following:

    1.Unstructured data being exfiltrated after an employee leaves the organization

    2.Data being exfiltrated as a result of compromised credentials

    3.Sensitive information in emails being exfiltrated

    Which of the following solutions should the security team implement to mitigate the risk of data loss?

    A. Mobile device management, remote wipe, and data loss detection
    B. Conditional access, DoH, and full disk encryption
    C. Mobile application management, MFA, and DRM
    D. Certificates, DLP, and geofencing

  • Question 83:

    A company Is adopting a new artificial-intelligence-based analytics SaaS solution. This Is the company's first attempt at using a SaaS solution, and a security architect has been asked to determine any future risks. Which of the following would be the GREATEST risk In adopting this solution?

    A. The inability to assign access controls to comply with company policy
    B. The inability to require the service provider process data in a specific country
    C. The inability to obtain company data when migrating to another service
    D. The inability to conduct security assessments against a service provider

  • Question 84:

    A company that all mobile devices be encrypted, commensurate with the full disk encryption scheme of assets, such as workstation, servers, and laptops. Which of the following will MOST likely be a limiting factor when selecting mobile device managers for the company?

    A. Increased network latency
    B. Unavailable of key escrow
    C. Inability to selected AES-256 encryption
    D. Removal of user authentication requirements

  • Question 85:

    A security analyst is monitoring an organization's IDS and DLP systems for an alert indicating files were removed from the network. The files were from the workstation of an employee who was authenticated but not authorized to access the files. Which of the following should the organization do FIRST to address this issue?

    A. Provide additional security awareness training.
    B. Disable the employee's credentials until the issue is resolved.
    C. Ask human resources to notify the employee that sensitive files were accessed.
    D. Isolate the employee's network segment and investigate further.

  • Question 86:

    A company has decided to move an ERP application to a public cloud vendor. The company wants to replicate some of its global policies from on premises to cloud. The policies include data encryption, token management, and limited user

    access to the ERP application The Chief Information Officer (CIO) is mainly concerned about privileged accounts that might be compromised and used to alter data in the ERP application.

    Which of the following is the BEST option to meet the requirements?

    A. Sandboxing
    B. CASB
    C. MFA
    D. Security as a service

  • Question 87:

    A help desk analyst suddenly begins receiving numerous calls from remote employees who state they are unable to connect to the VPN. The employees indicate the VPN client software is warning about an expired certificate. The help desk analyst determines the VPN certificate is valid. Which of the following is the most likely cause of the issue?

    A. The certificate has been compromised and needs to be replaced.
    B. The VPN concentrator is running an old version of code and needs to be upgraded.
    C. The NTP settings on the VPN concentrator are incorrectly configured.
    D. The end users are using outdated VPN client software.

  • Question 88:

    A Chief information Security Officer (CISO) is developing corrective-action plans based on the following from a vulnerability scan of internal hosts:

    High (CVSS: 10.0)

    NVT: PHP '_php_stream_scandir()' Buffer Overflow Vulnerability (Windows) (OID: 1.3.6.1.4.1.25623.1.0.803917)

    Product detection result: open|ssl|php|php|5.3.6 by PHP Version Detection (Remote) (OID: 1.3.6.1.4.1.25623.1.0.800109)

    Summary

    This host is running PHP and is prone to buffer overflow vulnerability.

    Vulnerability Detection ResultInstalled version: 5.3.6

    Fixed version: 5.3.15/5.4.5

    Impact

    Successful exploitation could allow attackers to execute arbitrary code and failed attempts will likely result in denial-of-service conditions. Impact level: System/Application

    Which of the following MOST appropriate corrective action to document for this finding?

    A. The product owner should perform a business impact assessment regarding the ability to implement a WAF.
    B. The application developer should use a static code analysis tool to ensure any application code is not vulnerable to buffer overflows.
    C. The system administrator should evaluate dependencies and perform upgrade as necessary.
    D. The security operations center should develop a custom IDS rule to prevent attacks buffer overflows against this server.

  • Question 89:

    A security engineer based in Iceland works in an environment requiring an on-premises and cloud-based storage solution. The solution should take into consideration the following:

    1.The company has sensitive data.

    2.The company has proprietary data.

    3.The company has its headquarters in Iceland, and the data must always reside in that country.

    Which cloud deployment model should be used?

    A. Hybrid cloud
    B. Community cloud
    C. Public cloud
    D. Private cloud

  • Question 90:

    A company has data it would like to aggregate from its PLCs for data visualization and predictive maintenance purposes. Which of the following is the most likely destination for the tag data from the PLCs?

    A. External drive
    B. Cloud storage
    C. System aggregator
    D. Local historian

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-004 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.