Summer Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dealsixty

CAS-004 Exam Dumps - CompTIA CASP Questions and Answers

Question # 109

Company A acquired Company B. During an initial assessment, the companies discover they are using the same SSO system. To help users with the transition, Company A is requiring the following:

• Before the merger is complete, users from both companies should use a single set of usernames and passwords.

• Users in the same departments should have the same set of rights and privileges, but they should have different sets of rights and privileges if they have different IPs.

• Users from Company B should be able to access Company A's available resources.

Which of the following are the BEST solutions? (Select TWO).

Options:

A.

Installing new Group Policy Object policies

B.

Establishing one-way trust from Company B to Company A

C.

Enabling multifactor authentication

D.

Implementing attribute-based access control

E.

Installing Company A's Kerberos systems in Company B's network

F.

Updating login scripts

Buy Now
Question # 110

A security analyst runs a vulnerability scan on a network administrator's workstation The network administrator has direct administrative access to the company's SSO web portal The vulnerability scan uncovers cntical vulnerabilities with equally high CVSS scores for the user's browser, OS, email client and an offline password manager Which of the following should the security analyst patch FIRST?

Options:

A.

Email client

B.

Password manager

C.

Browser

D.

OS

Buy Now
Question # 111

A security engineer has been informed by the firewall team that a specific Windows workstation is part of a command-and-control network. The only information the security engineer is receiving is that

the traffic is occurring on a non-standard port (TCP 40322). Which of the following commands should the security engineer use FIRST to find the malicious process?

Options:

A.

tcpdump

B.

netstar

C.

tasklist

D.

traceroute

E.

ipconfig

Buy Now
Question # 112

A developer needs to implement PKI in an autonomous vehicle's software in the most efficient and labor-effective way possible. Which of the following will the developer MOST likely implement?

Options:

A.

Certificate chain

B.

Root CA

C.

Certificate pinning

D.

CRL

E.

OCSP

Buy Now
Question # 113

Which of the following processes involves searching and collecting evidence during an investigation or lawsuit?

Options:

A.

E-discovery

B.

Review analysis

C.

Information governance

D.

Chain of custody

Buy Now
Question # 114

A company wants to refactor a monolithic application to take advantage of cloud native services and service microsegmentation to secure sensitive application components. Which of the following should the company implement to ensure the architecture is portable?

Options:

A.

Virtualized emulators

B.

Type 2 hypervisors

C.

Orchestration

D.

Containerization

Buy Now
Question # 115

A security engineer needs to review the configurations of several devices on the network to meet the following requirements:

• The PostgreSQL server must only allow connectivity in the 10.1.2.0/24

subnet.

• The SSH daemon on the database server must be configured to listen

to port 4022.

• The SSH daemon must only accept connections from a Single

workstation.

• All host-based firewalls must be disabled on all workstations.

• All devices must have the latest updates from within the past eight

days.

• All HDDs must be configured to secure data at rest.

• Cleartext services are not allowed.

• All devices must be hardened when possible.

Instructions:

Click on the various workstations and network devices to review the posture assessment results. Remediate any possible issues or indicate that no issue is found.

Click on Server A to review output data. Select commands in the appropriate tab to remediate connectivity problems to the pOSTGREsql DATABASE VIA ssh

WAP A

PC A

Laptop A

Switch A

Switch B:

Laptop B

PC B

PC C

Server A

Options:

Buy Now
Question # 116

Which of the following objectives BEST supports leveraging tabletop exercises in business continuity planning?

Options:

A.

Determine the optimal placement of hot/warm sites within the enterprise architecture.

B.

Create new processes for identified gaps in continuity planning.

C.

Establish new staff roles and responsibilities for continuity of operations.

D.

Assess the effectiveness of documented processes against a realistic scenario.

Buy Now
Question # 117

A security analyst is reviewing a new IOC in which data is injected into an online process. The IOC shows the data injection could happen in the following ways:

• Five numerical digits followed by a dash, followed by four numerical digits; or

• Five numerical digits

When one of these IOCs is identified, the online process stops working. Which of the following regular expressions should be implemented in the NIPS?

Options:

A.

^\d{4}(-\d{5})?$

B.

^\d{5}(-\d{4})?$

C.

^\d{5-4}$

D.

^\d{9}$

Buy Now
Question # 118

A significant weather event caused all systems to fail over to the disaster recovery site successfully. However, successful data replication has not occurred in the last six months, which has resulted in

the service being unavailable. V•Vh1ch of the following would BEST prevent this scenario from happening again?

Options:

A.

Performing routine tabletop exercises

B.

Implementing scheduled, full interruption tests

C.

Backing up system log reviews

D.

Performing department disaster recovery walk-throughs

Buy Now
Question # 119

A security analyst for a managed service provider wants to implement the most up-to-date and effective security methodologies to provide clients with the best offerings. Which of the following resources

would the analyst MOST likely adopt?

Options:

A.

OSINT

B.

ISO

C.

MITRE ATT&CK

D.

OWASP

Buy Now
Question # 120

Which of the following should be established when configuring a mobile device to protect user internet privacy, to ensure the connection is encrypted, and to keep user activity hidden? (Select TWO).

Options:

A.

proxy

B.

Tunneling

C.

VDI

D.

MDM

E.

RDP

F.

MAC address randomization

Buy Now
Question # 121

A security manager wants to transition the organization to a zero trust architecture. To meet this requirement, the security manager has instructed administrators to remove trusted zones, role-based access, and one-time authentication. Which of the following will need to be implemented to achieve this objective? (Select THREE).

Options:

A.

Least privilege

B.

VPN

C.

Policy automation

D.

PKI

E.

Firewall

F.

Continuous validation

G.

Continuous integration

Buy Now
Question # 122

An organization is looking to establish more robust security measures by implementing PKI. Which of the following should the security analyst implement when considering mutual authentication?

Options:

A.

Perfect forward secrecy on both endpoints

B.

Shared secret for both endpoints

C.

Public keys on both endpoints

D.

A common public key on each endpoint

E.

A common private key on each endpoint

Buy Now
Question # 123

A CSP, which wants to compete in the market, has been approaching companies in an attempt to gain business. The CSP is able to provide the same uptime as other CSPs at a markedly reduced cost. Which of the following would be the MOST significant business risk to a company that signs a contract with this CSP?

Options:

A.

Resource exhaustion

B.

Geographic location

C.

Control plane breach

D.

Vendor lock-in

Buy Now
Exam Code: CAS-004
Exam Name: CompTIA SecurityX Certification Exam
Last Update: Apr 25, 2025
Questions: 571
CAS-004 pdf

CAS-004 PDF

$34  $84.99
CAS-004 Engine

CAS-004 Testing Engine

$38  $94.99
CAS-004 PDF + Engine

CAS-004 PDF + Testing Engine

$54  $134.99