Free Preparation Discussions
MENU
CompTIA CAS-004 Exam Questions
- Topic 1: Security Architecture: This topic focuses on designing secure network architectures based on specific scenarios and organizational requirements. It involves analyzing security objectives and integrating software applications securely into enterprise architectures.
- Topic 2: Security Operations: The topic emphasizes on day-to-day security operations and threat management. It includes performing threat management activities, analyzing indicators of compromise, and conducting vulnerability management tasks based on given scenarios.
- Topic 3: Security Engineering and Cryptography: It delves into implementing secure configurations for enterprise mobility, configuring endpoint security controls, and discussing security considerations for specific sectors and operational technologies.
- Topic 4: Governance, Risk, and Compliance: This topic centers around governance, risk management, and compliance. It covers applying risk strategies based on requirements, managing and mitigating vendor risks, and explaining compliance frameworks and legal considerations impacting organizational security.
Free CompTIA CAS-004 Exam Actual Questions
Note: Premium Questions for CAS-004 were last updated On Apr. 15, 2025 (see below)
The information security manager at a 24-hour manufacturing facility is reviewing a contract for potential risks to the organization. The contract pertains to the support of printers and multifunction devices during non-standard business hours. Which of the following will the security manager most likely identify as a risk?
A non-disclosure agreement (NDA) is crucial when external parties are provided access to sensitive company devices or information. The absence of an NDA poses a risk that confidential information could be disclosed by the service provider. Therefore, ensuring an NDA is in place with the company that supports sensitive devices would be a key risk identified in the contract.
A security analyst and a DevOps engineer are working together to address configuration drifts in highly scalable systems that are leading to increased vulnerability findings. Which of the following recommendations would be best to eliminate this issue?
Immutable infrastructure through containers ensures that the deployed systems remain consistent and resistant to drift. Any changes require rebuilding and redeploying containers, eliminating configuration inconsistencies. This aligns with CASP+ objective 2.2, which emphasizes implementing scalable, secure system configurations.
________________________________________
A technician is reviewing the logs and notices a large number of files were transferred to remote sites over the course of three months. This activity then stopped. The files were transferred via TLS-protected HTTP sessions from systems that do not send traffic to those sites.
The technician will define this threat as:
An advanced persistent threat (APT) is a type of cyberattack that involves a stealthy and continuous process of compromising and exploiting a target system or network. An APT typically has a specific goal or objective, such as stealing sensitive data, disrupting operations, or sabotaging infrastructure. An APT can use various techniques to evade detection and maintain persistence, such as encryption, proxy servers, malware, etc. The scenario described in the question matches the characteristics of an APT. Reference: https://www.cisco.com/c/en/us/products/security/what-is-apt.html https://www.imperva.com/learn/application-security/advanced-persistent-threat-apt/
During a recent breach, an attacker was able to get a user's login credentials by cracking a password that was retrieved via a stolen laptop. The attacker accessed the hashed passwords from the hard drive when it was connected to another device. Which of the following security measures could have helped prevent this account from being compromised?
Full Disk Encryption ensures that the data on the laptop is encrypted at rest, preventing unauthorized access even if the device is stolen and its hard drive accessed externally. This aligns with CASP+ objective 3.5, which emphasizes implementing encryption to protect sensitive data against theft and compromise.
A recent audit discovered that multiple employees had been using their badges to walk through the secured data center to get to the employee break room. Most of the employees were given access during a previous project, but the access was not removed in a timely manner when the project was complete. Which of the following would reduce the likelihood of this scenario occurring again?
Implementing an automated quarterly attestation process ensures that access is reviewed and approved regularly. This prevents unauthorized or unnecessary access from persisting over time, aligning with CASP+ objective 1.6, which emphasizes continuous access control monitoring.
- Select Question Types you want
- Set your Desired Pass Percentage
- Allocate Time (Hours : Minutes)
- Create Multiple Practice tests with Limited Questions
- Customer Support
Trinidad
14 hours agoParis
16 days agoBenedict
17 days agoCarlota
1 months agoMelissia
2 months agoBernadine
2 months agoArdella
2 months agoRicki
2 months agoTresa
3 months agoNorah
3 months agoRegenia
3 months agoGary
3 months agoClorinda
3 months agoViva
4 months agoSerina
4 months agoTresa
4 months agoHubert
4 months agoGlynda
4 months agoMaryann
5 months agoFabiola
5 months agoShalon
5 months agoKathrine
5 months agoCorinne
5 months agoLeonie
6 months agoHyun
6 months agoRamonita
6 months agoLai
6 months agoGlenna
6 months agoRolf
7 months agoTwanna
7 months agoLelia
7 months agoKeva
7 months agoErasmo
8 months agoAmie
9 months agoMike
10 months agoJody
10 months agoOdelia
10 months ago