Black Friday Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 65pass65

Good News !!! CAS-004 CompTIA Advanced Security Practitioner (CASP+) Exam is now Stable and With Pass Result

Exams4sure Dumps

CAS-004 Practice Exam Questions and Answers

CompTIA Advanced Security Practitioner (CASP+) Exam

Last Update 1 day ago
Total Questions : 521

CompTIA Advanced Security Practitioner (CASP+) Exam is stable now with all latest exam questions are added 1 day ago. Incorporating CAS-004 practice exam questions into your study plan is more than just a preparation strategy.

CAS-004 exam questions often include scenarios and problem-solving exercises that mirror real-world challenges. Working through CAS-004 dumps allows you to practice pacing yourself, ensuring that you can complete all CompTIA Advanced Security Practitioner (CASP+) Exam practice test within the allotted time frame.

CAS-004 PDF

CAS-004 PDF (Printable)
$43.75
$124.99

CAS-004 Testing Engine

CAS-004 PDF (Printable)
$50.75
$144.99

CAS-004 PDF + Testing Engine

CAS-004 PDF (Printable)
$63.7
$181.99
Question # 1

A company processes data subject to NDAs with partners that define the processing and storage constraints for the covered data. The agreements currently do not permit moving the covered data to the cloud, and the company would like to renegotiate the terms of the agreements.

Which of the following would MOST likely help the company gain consensus to move the data to the cloud?

Options:

A.  

Designing data protection schemes to mitigate the risk of loss due to multitenancy

B.  

Implementing redundant stores and services across diverse CSPs for high availability

C.  

Emulating OS and hardware architectures to blur operations from CSP view

D.  

Purchasing managed FIM services to alert on detected modifications to covered data

Discussion 0
Question # 2

A security consultant has been asked to recommend a secure network design that would:

• Permit an existing OPC server to communicate with a new Modbus server that is controlling electrical relays.

• Limit operational disruptions.

Due to the limitations within the Modbus protocol, which of the following configurations should the security engineer recommend as part of the solution?

Options:

A.  

Restrict inbound traffic so that only the OPC server is permitted to reach the Modbus server on port 135.

B.  

Restrict outbound traffic so that only the OPC server is permitted to reach the Modbus server on port 102.

C.  

Restrict outbound traffic so that only the OPC server is permitted to reach the Modbus server on port 5000.

D.  

Restrict inbound traffic so that only the OPC server is permitted to reach the Modbus server on port 502.

Discussion 0
Question # 3

A security engineer needs to review the configurations of several devices on the network to meet the following requirements:

• The PostgreSQL server must only allow connectivity in the 10.1.2.0/24

subnet.

• The SSH daemon on the database server must be configured to listen

to port 4022.

• The SSH daemon must only accept connections from a Single

workstation.

• All host-based firewalls must be disabled on all workstations.

• All devices must have the latest updates from within the past eight

days.

• All HDDs must be configured to secure data at rest.

• Cleartext services are not allowed.

• All devices must be hardened when possible.

Instructions:

Click on the various workstations and network devices to review the posture assessment results. Remediate any possible issues or indicate that no issue is found.

Click on Server A to review output data. Select commands in the appropriate tab to remediate connectivity problems to the pOSTGREsql DATABASE VIA ssh

Question # 3

WAP A

Question # 3

PC A

Question # 3

Laptop A

Question # 3

Switch A

Question # 3

Switch B:

Question # 3

Laptop B

Question # 3

PC B

Question # 3

PC C

Question # 3

Server A

Question # 3

Question # 3

Question # 3

Question # 3

Question # 3

Options:

Discussion 0
Question # 4

Which of the following objectives BEST supports leveraging tabletop exercises in business continuity planning?

Options:

A.  

Determine the optimal placement of hot/warm sites within the enterprise architecture.

B.  

Create new processes for identified gaps in continuity planning.

C.  

Establish new staff roles and responsibilities for continuity of operations.

D.  

Assess the effectiveness of documented processes against a realistic scenario.

Discussion 0
Question # 5

An organization is in frequent litigation and has a large number of legal holds. Which of the following types of functionality should the organization's new email system provide?

Options:

A.  

DLP

B.  

Encryption

C.  

E-discovery

D.  

Privacy-level agreements

Discussion 0
Question # 6

A global organization's Chief Information Security Officer (CISO) has been asked to analyze the risks involved in a plan to move the organization's current MPLS-based WAN network to use commodity Internet and SD-WAN hardware. The SD-WAN provider is currently highly regarded but Is a regional provider. Which of the following is MOST likely identified as a potential risk by the CISO?

Options:

A.  

The SD-WAN provider would not be able to handle the organization's bandwidth requirements.

B.  

The operating costs of the MPLS network are too high for the organization.

C.  

The SD-WAN provider uses a third party for support.

D.  

Internal IT staff will not be able to properly support remote offices after the migration.

Discussion 0
Question # 7

An engineering team has deployed a new VPN service that requires client certificates to be used in order to successfully connect. On iOS devices, however, the following error occurs after importing the .p12 certificate file:

mbedTLS: ca certificate undefined

Which of the following is the root cause of this issue?

Options:

A.  

iOS devices have an empty root certificate chain by default.

B.  

OpenSSL is not configured to support PKCS#12 certificate files.

C.  

The VPN client configuration is missing the CA private key.

D.  

The iOS keychain imported only the client public and private keys.

Discussion 0
Question # 8

A network administrator receives a ticket regarding an error from a remote worker who is trying to reboot a laptop. The laptop has not yet loaded the operating system, and the user is unable to continue the boot process. The administrator is able to provide the user with a recovery PIN, and the user is able to reboot the system and access the device as needed. Which of the following is the MOST likely cause of the error?

Options:

A.  

Lockout of privileged access account

B.  

Duration of the BitLocker lockout period

C.  

Failure of the Kerberos time drift sync

D.  

Failure of TPM authentication

Discussion 0
Question # 9

An administrator at a software development company would like to protect the integrity of the company's applications with digital signatures. The developers report that the signing process keeps failing on all applications. The same key pair used for signing, however, is working properly on the website, is valid, and is issued by a trusted C

A.  

Which of the following is MOST likely the cause of the

signature failing?

Options:

A.  

The NTP server is set incorrectly for the developers

B.  

The CA has included the certificate in its CRL.

C.  

The certificate is set for the wrong key usage.

D.  

Each application is missing a SAN or wildcard entry on the certificate

Discussion 0
Question # 10

A developer needs to implement PKI in an autonomous vehicle's software in the most efficient and labor-effective way possible. Which of the following will the developer MOST likely implement?

Options:

A.  

Certificate chain

B.  

Root CA

C.  

Certificate pinning

D.  

CRL

E.  

OCSP

Discussion 0
Question # 11

A significant weather event caused all systems to fail over to the disaster recovery site successfully. However, successful data replication has not occurred in the last six months, which has resulted in

the service being unavailable. V•Vh1ch of the following would BEST prevent this scenario from happening again?

Options:

A.  

Performing routine tabletop exercises

B.  

Implementing scheduled, full interruption tests

C.  

Backing up system log reviews

D.  

Performing department disaster recovery walk-throughs

Discussion 0
Question # 12

A security administrator wants to detect a potential forged sender claim in tt-e envelope of an email. Which of the following should the security administrator implement? (Select TWO).

Options:

A.  

MX record

B.  

DMARC

C.  

SPF

D.  

DNSSEC

E.  

S/MIME

F.  

TLS

Discussion 0
Question # 13

Which of the following processes involves searching and collecting evidence during an investigation or lawsuit?

Options:

A.  

E-discovery

B.  

Review analysis

C.  

Information governance

D.  

Chain of custody

Discussion 0
Question # 14

A CSP, which wants to compete in the market, has been approaching companies in an attempt to gain business. The CSP is able to provide the same uptime as other CSPs at a markedly reduced cost. Which of the following would be the MOST significant business risk to a company that signs a contract with this CSP?

Options:

A.  

Resource exhaustion

B.  

Geographic location

C.  

Control plane breach

D.  

Vendor lock-in

Discussion 0
Question # 15

A security analyst is reviewing a new IOC in which data is injected into an online process. The IOC shows the data injection could happen in the following ways:

• Five numerical digits followed by a dash, followed by four numerical digits; or

• Five numerical digits

When one of these IOCs is identified, the online process stops working. Which of the following regular expressions should be implemented in the NIPS?

Options:

A.  

^\d{4}(-\d{5})?$

B.  

^\d{5}(-\d{4})?$

C.  

^\d{5-4}$

D.  

^\d{9}$

Discussion 0
Get CAS-004 dumps and pass your exam in 24 hours!

Free Exams Sample Questions