Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. CompTIA
  3. CAS-004

CompTIA CAS-004 Exam (page: 15)
CompTIA Advanced Security Practitioner (CASP+) CAS-004
Updated on: 12-Jan-2026

Viewing Page 15 of 112
CAS-004 PDF 645 Questions

An organization recently started processing, transmitting, and storing its customers' credit card information. Within a week of doing so, the organization suffered a massive breach that resulted in the exposure of the customers' information.
Which of the following provides the BEST guidance for protecting such information while it is at rest and in transit?

  1. NIST
  2. GDPR
  3. PCI DSS
  4. ISO

Answer(s): C


Reference:

https://en.wikipedia.org/wiki/Payment_Card_Industry_Data_Security_Standard



Which of the following is the MOST important security objective when applying cryptography to control messages that tell an ICS how much electrical power to output?

  1. Improving the availability of messages
  2. Ensuring non-repudiation of messages
  3. Enforcing protocol conformance for messages
  4. Assuring the integrity of messages

Answer(s): D



A company wants to protect its intellectual property from theft. The company has already applied ACLs and DACs.
Which of the following should the company use to prevent data theft?

  1. Watermarking
  2. DRM
  3. NDA
  4. Access logging

Answer(s): B



A satellite communications ISP frequently experiences outages and degraded modes of operation over one of its legacy satellite links due to the use of deprecated hardware and software. Three days per week, on average, a contracted company must follow a checklist of 16 different high-latency commands that must be run in serial to restore nominal performance. The ISP wants this process to be automated.
Which of the following techniques would be BEST suited for this requirement?

  1. Deploy SOAR utilities and runbooks.
  2. Replace the associated hardware.
  3. Provide the contractors with direct access to satellite telemetry data.
  4. Reduce link latency on the affected ground and satellite segments.

Answer(s): A



A company processes data subject to NDAs with partners that define the processing and storage constraints for the covered data. The agreements currently do not permit moving the covered data to the cloud, and the company would like to renegotiate the terms of the agreements.
Which of the following would MOST likely help the company gain consensus to move the data to the cloud?

  1. Designing data protection schemes to mitigate the risk of loss due to multitenancy
  2. Implementing redundant stores and services across diverse CSPs for high availability
  3. Emulating OS and hardware architectures to blur operations from CSP view
  4. Purchasing managed FIM services to alert on detected modifications to covered data

Answer(s): A



Viewing Page 15 of 112



Share your comments for CompTIA CAS-004 exam with other users:

9eagles 4/7/2023 10:04:00 AM

on question 10 and so far 2 wrong answers as evident in the included reference link.
Anonymous