Free CompTIA Advanced Security Practitioner (CASP+) Exam CAS-004 Exam Practice Test

Page: 1 / 73
Total Questions: 362
  • An attacker infiltrated the code base of a hardware manufacturer and inserted malware before the code was compiled. The malicious code is now running at the hardware level across a number of industries and sectors. Which of the following categories BEST describes this type of vendor risk?

    Answer: D
  • A software development company makes its software version available to customers from a web portal. On several occasions, hackers were able to access the software repository to change the package that is automatically published on the website. Which of the following would be the BEST technique to ensure the software the users download is the official software released by the company?

    Answer: D
  • A company is deploying multiple VPNs to support supplier connections into its extranet applications. The network security standard requires:
      * All remote devices to have up-to-date antivirus
      * An up-to-date and patched OS
    Which of the following technologies should the company deploy to meet its security objectives? (Select TWO.)

    Answer: A, C
  • Which of the following are risks associated with vendor lock-in? (Choose two.)

    Answer: B, D
  • A user from the sales department opened a suspicious file attachment. The sales department then contacted the SOC to investigate a number of unresponsive systems, and the team successfully identified the file and the origin of the attack. Which of the following is the NEXT step of the incident response plan?

    Answer: B
  • The OS on several servers crashed around the same time for an unknown reason. The servers were restored to working condition, and all file integrity was verified. Which of the following should the incident response team perform to understand the crash and prevent it in the future?

    Answer: A
  • Due to internal resource constraints, the management team has asked the principal security architect to recommend a solution that shifts partial responsibility for application-level controls to the cloud provider. In the shared responsibility model, which of the following levels of service meets this requirement?

    Answer: D
  • An organization developed a social media application that is used by customers in multiple remote geographic locations around the world. The organization's headquarters and only datacenter are located in New York City. The Chief Information Security Officer wants to ensure the following requirements are met for the social media application:
      * Low latency for all mobile users to improve the users' experience
      * SSL offloading to improve web server performance
      * Protection against DoS and DDoS attacks
      * High availability
    Which of the following should the organization implement to BEST ensure all requirements are met?

    Answer: B
  • A company just released a new video card. Due to limited supply and high demand, attackers are employing automated systems to purchase the device through the company's web store so they can resell it on the secondary market. The company's intended customers are frustrated. A security engineer suggests implementing a CAPTCHA system on the web store to help reduce the number of video cards purchased through automated systems. Which of the following now describes the level of risk?

    Answer: D
  • A cybersecurity engineer analyzed a system for vulnerabilities. The tool created an OVAL Results document as output. Which of the following would enable the engineer to interpret the results in a human readable form? (Select TWO.)

    Answer: B, D