Online CAS-004 Practice TestMore CompTIA Products >

Free CompTIA CAS-004 Exam Dumps Questions

CompTIA CAS-004: CompTIA Advanced Security Practitioner (CASP+) Exam

- Get instant access to CAS-004 practice exam questions

- Get ready to pass the CompTIA Advanced Security Practitioner (CASP+) Exam exam right now using our CompTIA CAS-004 exam package, which includes CompTIA CAS-004 practice test plus an CompTIA CAS-004 Exam Simulator.

- The best online CAS-004 exam study material and preparation tool is here.

4.5

(2040 ratings)

Question 1

Which of the following is the MOST important security objective when applying cryptography to control messages that tell an ICS how much electrical power to output?

A. Importing the availability of messages

B. Ensuring non-repudiation of messages

C. Enforcing protocol conformance for messages

D. Assuring the integrity of messages

Correct Answer:D

Question 2

In preparation for the holiday season, a company redesigned the system that manages retail sales and moved it to a cloud service provider. The new infrastructure did not meet the company’s availability requirements. During a postmortem analysis, the following issues were highlighted:
* 1. International users reported latency when images on the web page were initially loading.
* 2. During times of report processing, users reported issues with inventory when attempting to place orders.
* 3. Despite the fact that ten new API servers were added, the load across servers was heavy at peak times.
Which of the following infrastructure design changes would be BEST for the organization to implement to avoid these issues in the future?

A. Serve static content via distributed CDNs, create a read replica of the central database and pull reports from there, and auto-scale API servers based on performance.

B. Increase the bandwidth for the server that delivers images, use a CDN, change the database to a non-relational database, and split the ten API servers across two load balancers.

C. Serve images from an object storage bucket with infrequent read times, replicate the database across different regions, and dynamically create API servers based on load.

D. Serve static-content object storage across different regions, increase the instance size on the managed relational database, and distribute the ten API servers across multiple regions.

Correct Answer:A

Question 3

A high-severity vulnerability was found on a web application and introduced to the enterprise. The vulnerability could allow an unauthorized user to utilize an open-source library to view privileged user information. The enterprise is unwilling to accept the risk, but the developers cannot fix the issue right away. Which of the following should be implemented to reduce the risk to an acceptable level until the issue can be fixed?

A. Scan the code with a static code analyzer, change privileged user passwords, and provide security training.

B. Change privileged usernames, review the OS logs, and deploy hardware tokens.

C. Implement MFA, review the application logs, and deploy a WAF.

D. Deploy a VPN, configure an official open-source library repository, and perform a full application review for vulnerabilities.

Correct Answer:D
Reference: https://www.microfocus.com/en-us/what-is/sast

Question 4

An organization’s hunt team thinks a persistent threats exists and already has a foothold in the enterprise network.
Which of the following techniques would be BEST for the hunt team to use to entice the adversary to uncover malicious activity?

A. Deploy a SOAR tool.

B. Modify user password history and length requirements.

C. Apply new isolation and segmentation schemes.

D. Implement decoy files on adjacent hosts.

Correct Answer:C
Reference: https://www.cynet.com/network-attacks/network-attacks-and-network-security-threats/

Question 5

A shipping company that is trying to eliminate entire classes of threats is developing an SELinux policy to ensure its custom Android devices are used exclusively for package tracking.
After compiling and implementing the policy, in which of the following modes must the company ensure the devices are configured to run?

A. Protecting

B. Permissive

C. Enforcing

D. Mandatory

Correct Answer:B
Reference: https://source.android.com/security/selinux/customize
CAS-004 dumps exhibit

Question 6

A security architect is implementing a web application that uses a database back end. Prior to the production, the architect is concerned about the possibility of XSS attacks and wants to identify security controls that could be put in place to prevent these attacks.
Which of the following sources could the architect consult to address this security concern?

A. SDLC

B. OVAL

C. IEEE

D. OWASP

Correct Answer:B
Reference: https://dzone.com/articles/what-is-oval-a-community-driven-vulnerability-mana

START CAS-004 EXAM