CompTIA CAS-004 Exam (page: 7)
CompTIA Advanced Security Practitioner (CASP+) CAS-004
Updated on: 12-Oct-2025

Viewing Page 7 of 112

A developer is creating a new mobile application for a company. The application uses a REST API and TLS 1.2 to communicate securely with the external back-end server. Due to this configuration, the company is concerned about HTTPS interception attacks.
Which of the following would be the BEST solution against this type of attack?

  A. Cookies
  B. Wildcard certificates
  C. HSTS
  D. Certificate pinning

Answer(s): D


Reference:

https://cloud.google.com/security/encryption-in-transit



A user in the finance department uses a laptop to store a spreadsheet that contains confidential financial information for the company.
Which of the following would be the BEST way to protect the file while the user travels between locations? (Choose two.)

  A. Encrypt the laptop with full disk encryption.
  B. Back up the file to an encrypted flash drive.
  C. Place an ACL on the file to only allow access to specified users.
  D. Store the file in the user profile.
  E. Place an ACL on the file to deny access to everyone.
  F. Enable access logging on the file.

Answer(s): A,B



A threat hunting team receives a report about possible APT activity in the network.
Which of the following threat management frameworks should the team implement?

  A. NIST SP 800-53
  B. MITRE ATT&CK
  C. The Cyber Kill Chain
  D. The Diamond Model of Intrusion Analysis

Answer(s): B


Reference:

https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-30r1.pdf



Device event logs sourced from MDM software are as follows:
Which of the following security concerns and response actions would BEST address the risks posed by the device in the logs?

  A. Malicious installation of an application; change the MDM configuration to remove application ID 1220.
  B. Resource leak; recover the device for analysis and clean up the local storage.
  C. Impossible travel; disable the device's account and access while investigating.
  D. Falsified status reporting; remotely wipe the device.

Answer(s): C



An energy company is required to report the average pressure of natural gas used over the past quarter. A PLC sends data to a historian server that creates the required reports.
Which of the following historian server locations will allow the business to get the required reports in an OT and IT environment?

  A. In the OT environment, use a VPN from the IT environment into the OT environment.
  B. In the OT environment, allow IT traffic into the OT environment.
  C. In the IT environment, allow PLCs to send data from the OT environment to the IT environment.
  D. Use a screened subnet between the OT and IT environments.

Answer(s): D






Share your comments for CompTIA CAS-004 exam with other users:

9eagles 4/7/2023 10:04:00 AM

on question 10 and so far 2 wrong answers as evident in the included reference link.
Anonymous