Free CAS-004 Exam Braindumps

Pass your CompTIA Advanced Security Practitioner (CASP+) exam with these free questions and answers

Page 5 of 69
QUESTION 16

Which of the following is the MOST important cloud-specific risk from the CSP’s viewpoint?

  A. Isolation control failure
  B. Management plane breach
  C. Insecure data deletion
  D. Resource exhaustion

Correct Answer: B

QUESTION 17

An application server was recently upgraded to prefer TLS 1.3, and now users are unable to connect their clients to the server. Attempts to reproduce the error are confirmed, and clients are reporting the following:
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
Which of the following is MOST likely the root cause?

  A. The client application is testing PFS.
  B. The client application is configured to use ECDHE.
  C. The client application is configured to use RC4.
  D. The client application is configured to use AES-256 in GCM.

Correct Answer: C

QUESTION 18

A security analyst discovered that the company's WAF was not properly configured. The main web server was breached, and the following payload was found in one of the malicious requests:
[Exhibit: image of the request payload, not reproduced here]
Which of the following would BEST mitigate this vulnerability?

  A. Network intrusion prevention
  B. Data encoding
  C. Input validation
  D. CAPTCHA

Correct Answer: C

QUESTION 19

A healthcare system recently suffered from a ransomware incident. As a result, the board of directors decided to hire a security consultant to improve existing network security. The security consultant found that the healthcare network was completely flat, had no privileged access limits, and had open RDP access to servers with personal health information. As the consultant builds the remediation plan, which of the following solutions would BEST solve these challenges? (Select THREE).

  A. SD-WAN
  B. PAM
  C. Remote access VPN
  D. MFA
  E. Network segmentation
  F. BGP
  G. NAC

Correct Answer: ACE

QUESTION 20

A university issues badges through a homegrown identity management system to all staff and students. Each week during the summer, temporary summer school students arrive and need to be issued a badge to access minimal campus resources. The security team received a report from an outside auditor indicating the homegrown system is not consistent with best practices in the security field and leaves the institution vulnerable.
Which of the following should the security team recommend FIRST?

  A. Investigating a potential threat identified in logs related to the identity management system
  B. Updating the identity management system to use discretionary access control
  C. Beginning research on two-factor authentication to later introduce into the identity management system
  D. Working with procurement and creating a requirements document to select a new IAM system/vendor

Correct Answer: A
