Free CAS-004 Exam Braindumps

Pass your CompTIA Advanced Security Practitioner (CASP+) exam with these free Questions and Answers

Page 4 of 69
QUESTION 11

An organization is developing a disaster recovery plan that requires data to be backed up and available at a moment’s notice.
Which of the following should the organization consider FIRST to address this requirement?

  1. A. Implement a change management plan to ensure systems are using the appropriate versions.
  2. B. Hire additional on-call staff to be deployed if an event occurs.
  3. C. Design an appropriate warm site for business continuity.
  4. D. Identify critical business processes and determine associated software and hardware requirements.

Correct Answer: D

QUESTION 12

A company just released a new video card. Due to limited supply and high demand, attackers are employing automated systems to purchase the device through the company's web store so they can resell it on the secondary market. The company's intended customers are frustrated. A security engineer suggests implementing a CAPTCHA system on the web store to help reduce the number of video cards purchased through automated systems. Which of the following now describes the level of risk?

  1. A. Inherent
  2. B. Low
  3. C. Mitigated
  4. D. Residual
  5. E. Transferred

Correct Answer: D

QUESTION 13

Which of the following represents the MOST significant benefit of implementing a passwordless authentication solution?

  1. A. Biometric authenticators are immutable.
  2. B. The likelihood of account compromise is reduced.
  3. C. Zero trust is achieved.
  4. D. Privacy risks are minimized.

Correct Answer: B

QUESTION 14

An organization's finance system was recently attacked. A forensic analyst is reviewing the contents of the compromised files for credit card data. Which of the following commands should the analyst run to BEST determine whether financial data was lost?
CAS-004 dumps exhibit

  1. A. Option A
  2. B. Option B
  3. C. Option C
  4. D. Option D

Correct Answer: C

QUESTION 15

A security engineer was auditing an organization’s current software development practice and discovered that multiple open-source libraries were integrated into the organization’s software. The organization currently performs SAST and DAST on the software it develops.
Which of the following should the organization incorporate into the SDLC to ensure the security of the open-source libraries?

  1. A. Perform additional SAST/DAST on the open-source libraries.
  2. B. Implement the SDLC security guidelines.
  3. C. Track the library versions and monitor the CVE website for related vulnerabilities.
  4. D. Perform unit testing of the open-source libraries.

Correct Answer: D
