
CAS-004 Exam Dumps - CompTIA CASP Questions and Answers

Question # 4

A security analyst and a DevOps engineer are working together to address configuration drifts in highly scalable systems that are leading to increased vulnerability findings. Which of the following recommendations would be best to eliminate this issue?

Options:

A. Using a baseline configuration manager for deployment
B. Deploying an immutable infrastructure through containers
C. Eliminating false positives from the vulnerability scans
D. Performing continuous audits of the patching status

Question # 5

A security engineer needs to ensure production containers are automatically scanned for vulnerabilities before they are accepted into the production environment. Which of the following should the engineer use to automatically incorporate vulnerability scanning on every commit?

Options:

A. Code repository
B. CI/CD pipeline
C. Integrated development environment
D. Container orchestrator

Question # 6

A security architect must mitigate the risks from what is suspected to be an exposed, private cryptographic key. Which of the following is the best step to take?

Options:

A. Revoke the certificate.
B. Inform all the users of the certificate.
C. Contact the company's Chief Information Security Officer.
D. Disable the website using the suspected certificate.
E. Alert the root CA.

Question # 7

A company has been the target of LDAP injections, as well as brute-force, whaling, and spear-phishing attacks. The company is concerned about ensuring continued system access. The company has already implemented an SSO system with strong passwords. Which of the following additional controls should the company deploy?

Options:

A. Two-factor authentication
B. Identity proofing
C. Challenge questions
D. Live identity verification

Question # 8

Which of the following is the reason why security engineers often cannot upgrade the security of embedded facility automation systems?

Options:

A. They are constrained by available compute.
B. They lack X86-64 processors.
C. They lack EEPROM.
D. They are not logic-bearing devices.

Question # 9

The Chief Executive Officer of an online retailer notices a sudden drop in sales. A security analyst at the retailer detects a redirection of unsecure web traffic to a competitor's site. Which of the following would best prevent this type of attack?

Options:

A. Enabling HSTS
B. Configuring certificate pinning
C. Enforcing DNSSEC
D. Deploying certificate stapling

Question # 10

During a software assurance assessment, an engineer notices the source code contains multiple instances of strcpy, which does not verify the buffer length. Which of the following solutions should be integrated into the SDLC process to reduce future risks?

Options:

A. Require custom IDS/IPS detection signatures for each type of insecure function found.
B. Perform a penetration test before moving to the next step of the SDLC.
C. Update the company's secure coding policy to exclude insecure functions.
D. Perform DAST/SAST scanning before handoff to another team.

Question # 11

A security analyst notices a number of SIEM events that show the following activity:

Which of the following response actions should the analyst take FIRST?

Options:

A. Disable powershell.exe on all Microsoft Windows endpoints.
B. Restart Microsoft Windows Defender.
C. Configure the forward proxy to block 40.90.23.154.
D. Disable local administrator privileges on the endpoints.

Question # 12

A technician accidentally deleted the secret key that corresponded to the public key pinned to a busy online magazine. To remedy the situation, the technician obtained a new certificate with a different key. However, paying subscribers were locked out of the website until the key-pinning policy expired. Which of the following alternatives should the technician adopt to prevent a similar issue in the future?

Options:

A. Registration authority
B. Certificate revocation list
C. Client authentication
D. Certificate authority authorization

Question # 13

A security analyst is reviewing network connectivity on a Linux workstation and examining the active TCP connections using the command line.

Which of the following commands would be the BEST to run to view only active Internet connections?

Options:

A. sudo netstat -antu | grep "LISTEN" | awk '{print$5}'
B. sudo netstat -nlt -p | grep "ESTABLISHED"
C. sudo netstat -plntu | grep -v "Foreign Address"
D. sudo netstat -pnut -w | column -t -s $'\w'
E. sudo netstat -pnut | grep -P ^tcp

Question # 14

A pharmaceutical company was recently compromised by ransomware. Given the following EDR output from the process investigation:

On which of the following devices and processes did the ransomware originate?

Options:

A. cpt-ws018, powershell.exe
B. cpt-ws026, DearCry.exe
C. cpt-ws002, NO-AV.exe
D. cpt-ws026, NO-AV.exe
E. cpt-ws002, DearCry.exe

Question # 15

A security researcher detonated some malware in a lab environment and identified the following commands running from the EDR tool:

With which of the following MITRE ATT&CK TTPs is the command associated? (Select TWO).

Options:

A. Indirect command execution
B. OS credential dumping
C. Inhibit system recovery
D. External remote services
E. System information discovery
F. Network denial of service

Question # 16

A hospitality company experienced a data breach that included customer PII. The hacker used social engineering to convince an employee to grant a third-party application access to some company documents within a cloud file storage service. Which of the following is the BEST solution to help prevent this type of attack in the future?

Options:

A. NGFW for web traffic inspection and activity monitoring
B. CSPM for application configuration control
C. Targeted employee training and awareness exercises
D. CASB for OAuth application permission control

Question # 17

A security architect is tasked with securing a new cloud-based videoconferencing and collaboration platform to support a new distributed workforce. The security architect's key objectives are to:

• Maintain customer trust

• Minimize data leakage

• Ensure non-repudiation

Which of the following would be the BEST set of recommendations from the security architect?

Options:

A. Enable the user authentication requirement, enable end-to-end encryption, and enable waiting rooms.
B. Disable file exchange, enable watermarking, and enable the user authentication requirement.
C. Enable end-to-end encryption, disable video recording, and disable file exchange.
D. Enable watermarking, enable the user authentication requirement, and disable video recording.

Question # 18

A security architect is analyzing an old application that is not covered for maintenance anymore because the software company is no longer in business. Which of the following techniques should have been implemented to prevent these types of risks?

Options:

A. Code reviews
B. Supply chain visibility
C. Software audits
D. Source code escrows

Exam Code: CAS-004
Exam Name: CompTIA SecurityX Certification Exam
Last Update: Apr 25, 2025
Questions: 571