Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. CompTIA
  5. CAS-004

CompTIA CAS-004 Exam Questions
CompTIA Advanced Security Practitioner (CASP+) CAS-004 (Page 17 )

Updated On: 19-Apr-2026
Page 17 of 127
PDF with 645 Questions

Ransomware encrypted the entire human resources fileshare for a large financial institution. Security operations personnel were unaware of the activity until it was too late to stop it. The restoration will take approximately four hours, and the last backup occurred 48 hours ago. The management team has indicated that the
RPO for a disaster recovery event for this data classification is 24 hours.
Based on RPO requirements, which of the following recommendations should the management team make?

  1. Leave the current backup schedule intact and pay the ransom to decrypt the data.
  2. Leave the current backup schedule intact and make the human resources fileshare read-only.
  3. Increase the frequency of backups and create SIEM alerts for IOCs.
  4. Decrease the frequency of backups and pay the ransom to decrypt the data.

Answer(s): C



A company undergoing digital transformation is reviewing the resiliency of a CSP and is concerned about meeting SLA requirements in the event of a CSP incident.
Which of the following would be BEST to proceed with the transformation?

  1. An on-premises solution as a backup
  2. A load balancer with a round-robin configuration
  3. A multicloud provider solution
  4. An active-active solution within the same tenant

Answer(s): C



A company has hired a security architect to address several service outages on the endpoints due to new malware. The Chief Executive Officer's laptop was impacted while working from home. The goal is to prevent further endpoint disruption. The edge network is protected by a web proxy.
Which of the following solutions should the security architect recommend?

  1. Replace the current antivirus with an EDR solution.
  2. Remove the web proxy and install a UTM appliance.
  3. Implement a deny list feature on the endpoints.
  4. Add a firewall module on the current antivirus solution.

Answer(s): A



All staff at a company have started working remotely due to a global pandemic. To transition to remote work, the company has migrated to SaaS collaboration tools. The human resources department wants to use these tools to process sensitive information but is concerned the data could be:
-Leaked to the media via printing of the documents
-Sent to a personal email address
Accessed and viewed by systems administrators
-Uploaded to a file storage site
Which of the following would mitigate the department's concerns?

  1. Data loss detection, reverse proxy, EDR, and PGP
  2. VDI, proxy, CASB, and DRM
  3. Watermarking, forward proxy, DLP, and MFA
  4. Proxy, secure VPN, endpoint encryption, and AV

Answer(s): C



A home automation company just purchased and installed tools for its SOC to enable incident identification and response on software the company develops. The company would like to prioritize defenses against the following attack scenarios:
-Unauthorized insertions into application development environments
-Authorized insiders making unauthorized changes to environment configurations
Which of the following actions will enable the data feeds needed to detect these types of attacks on development environments? (Choose two.)

  1. Perform static code analysis of committed code and generate summary reports.
  2. Implement an XML gateway and monitor for policy violations.
  3. Monitor dependency management tools and report on susceptible third-party libraries.
  4. Install an IDS on the development subnet and passively monitor for vulnerable services.
  5. Model user behavior and monitor for deviations from normal.
  6. Continuously monitor code commits to repositories and generate summary logs.

Answer(s): A,F



Viewing page 17 of 127
Viewing questions 81 - 85 out of 645 questions



Post your Comments and Discuss CompTIA CAS-004 exam dumps with other Community members:

CAS-004 Exam Discussions & Posts

AI Tutor AI Tutor 👋 I’m here to help!