Amazon
Avaya
Checkpoint
Cisco®
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL®
Juniper
Microsoft
MuleSoft
Okta
Oracle
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. CompTIA
  3. CAS-004

CompTIA CAS-004 Exam (page: 12)
CompTIA Advanced Security Practitioner (CASP+) CAS-004
Updated on: 12-Oct-2025

Viewing Page 12 of 112
CAS-004 PDF 645 Questions

An organization is considering a BYOD standard to support remote working. The first iteration of the solution will utilize only approved collaboration applications and the ability to move corporate data between those applications. The security team has concerns about the following:
-Unstructured data being exfiltrated after an employee leaves the organization
-Data being exfiltrated as a result of compromised credentials
-Sensitive information in emails being exfiltrated
Which of the following solutions should the security team implement to mitigate the risk of data loss?

  1. Mobile device management, remote wipe, and data loss detection
  2. Conditional access, DoH, and full disk encryption
  3. Mobile application management, MFA, and DRM
  4. Certificates, DLP, and geofencing

Answer(s): C



A Chief Information Officer is considering migrating all company data to the cloud to save money on expensive SAN storage.
Which of the following is a security concern that will MOST likely need to be addressed during migration?

  1. Latency
  2. Data exposure
  3. Data loss
  4. Data dispersion

Answer(s): B



Due to locality and budget constraints, an organization's satellite office has a lower bandwidth allocation than other offices in the organization. As a result, the local security infrastructure staff is assessing architectural options that will help preserve network bandwidth and increase speed to both internal and external resources while not sacrificing threat visibility.
Which of the following would be the BEST option to implement?

  1. Distributed connection allocation
  2. Local caching
  3. Content delivery network
  4. SD-WAN vertical heterogeneity

Answer(s): C



A security analyst is concerned that a malicious piece of code was downloaded on a Linux system. After some research, the analyst determines that the suspected piece of code is performing a lot of input/output (I/O) on the disk drive.
Based on the output above, from which of the following process IDs can the analyst begin an investigation?

  1. 65
  2. 77
  3. 83
  4. 87

Answer(s): C



Which of the following are risks associated with vendor lock-in? (Choose two.)

  1. The client can seamlessly move data.
  2. The vendor can change product offerings.
  3. The client receives a sufficient level of service.
  4. The client experiences decreased quality of service.
  5. The client can leverage a multicloud approach.
  6. The client experiences increased interoperability.

Answer(s): B,D


Reference:

https://www.cloudflare.com/learning/cloud/what-is-vendor-lock-in/#:~:text=Vendor%20lock%2Din%20can%20become,may%20involve%20reformatting
%20the%20data



Viewing Page 12 of 112



Share your comments for CompTIA CAS-004 exam with other users:

9eagles 4/7/2023 10:04:00 AM

on question 10 and so far 2 wrong answers as evident in the included reference link.
Anonymous