Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. CompTIA
  3. CAS-004

CompTIA CAS-004 Exam (page: 18)
CompTIA Advanced Security Practitioner (CASP+) CAS-004
Updated on: 12-Jan-2026

Viewing Page 18 of 112
CAS-004 PDF 645 Questions

A networking team asked a security administrator to enable Flash on its web browser. The networking team explained that an important legacy embedded system gathers SNMP information from various devices. The system can only be managed through a web browser running Flash. The embedded system will be replaced within the year but is still critical at the moment.
Which of the following should the security administrator do to mitigate the risk?

  1. Explain to the networking team the reason Flash is no longer available and insist the team move up the timetable for replacement.
  2. Air gap the legacy system from the network and dedicate a laptop with an end-of-life OS on it to connect to the system via crossover cable for management.
  3. Suggest that the networking team contact the original embedded system's vendor to get an update to the system that does not require Flash.
  4. Isolate the management interface to a private VLAN where a legacy browser in a VM can be used as needed to manage the system.

Answer(s): D



Given the following log snippet from a web server:
Which of the following BEST describes this type of attack?

  1. SQL injection
  2. Cross-site scripting
  3. Brute-force
  4. Cross-site request forgery

Answer(s): A



A pharmaceutical company recently experienced a security breach within its customer-facing web portal. The attackers performed a SQL injection attack and exported tables from the company's managed database, exposing customer information.
The company hosts the application with a CSP utilizing the IaaS model.
Which of the following parties is ultimately responsible for the breach?

  1. The pharmaceutical company
  2. The cloud software provider
  3. The web portal software vendor
  4. The database software vendor

Answer(s): A



A host on a company's network has been infected by a worm that appears to be spreading via SMB. A security analyst has been tasked with containing the incident while also maintaining evidence for a subsequent investigation and malware analysis.
Which of the following steps would be best to perform FIRST?

  1. Turn off the infected host immediately.
  2. Run a full anti-malware scan on the infected host.
  3. Modify the smb.conf file of the host to prevent outgoing SMB connections.
  4. Isolate the infected host from the network by removing all network connections.

Answer(s): D



SIMULATION
You are a security analyst tasked with interpreting an Nmap scan output from company's privileged network.
The company's hardening guidelines indicate the following:
-There should be one primary server or service per device.
-Only default ports should be used.
-Non-secure protocols should be disabled.
INSTRUCTIONS
Using the Nmap output, identify the devices on the network and their roles, and any open ports that should be closed.
For each device found by Nmap, add a device entry to the Devices Discovered list, with the following information:
-The IP address of the device
The primary server or service of the device (Note that each IP should by associated with one service/port only)
-The protocol(s) that should be disabled based on the hardening guidelines (Note that multiple ports may need to be closed to comply with the hardening guidelines)
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

  1. See Explanation section for answer.

Answer(s): A

Explanation:

10.1.45.65 SFTP Server Disable 8080
10.1.45.66 Email Server Disable 415 and 443
10.1.45.67 Web Server Disable 21, 80
10.1.45.68 UTM Appliance Disable 21



Viewing Page 18 of 112



Share your comments for CompTIA CAS-004 exam with other users:

9eagles 4/7/2023 10:04:00 AM

on question 10 and so far 2 wrong answers as evident in the included reference link.
Anonymous