Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. CompTIA
  5. CAS-004

CompTIA CAS-004 Exam Questions
CompTIA Advanced Security Practitioner (CASP+) CAS-004 (Page 22 )

Updated On: 19-Apr-2026
Page 22 of 127
PDF with 645 Questions

Which of the following is the MOST important cloud-specific risk from the CSP's viewpoint?

  1. Isolation control failure
  2. Management plane breach
  3. Insecure data deletion
  4. Resource exhaustion

Answer(s): B



An organization is developing a disaster recovery plan that requires data to be backed up and available at a moment's notice.
Which of the following should the organization consider FIRST to address this requirement?

  1. Implement a change management plan to ensure systems are using the appropriate versions.
  2. Hire additional on-call staff to be deployed if an event occurs.
  3. Design an appropriate warm site for business continuity.
  4. Identify critical business processes and determine associated software and hardware requirements.

Answer(s): D


Reference:

https://searchdisasterrecovery.techtarget.com/definition/warm-site



Leveraging cryptographic solutions to protect data that is in use ensures the data is encrypted:

  1. when it is passed across a local network.
  2. in memory during processing
  3. when it is written to a system's solid-state drive.
  4. by an enterprise hardware security module.

Answer(s): B



A Chief Information Officer (CIO) wants to implement a cloud solution that will satisfy the following requirements:
-Support all phases of the SDLC.
-Use tailored website portal software.
-Allow the company to build and use its own gateway software.
-Utilize its own data management platform.
-Continue using agent-based security tools.
Which of the following cloud-computing models should the CIO implement?

  1. SaaS
  2. PaaS
  3. MaaS
  4. IaaS

Answer(s): B


Reference:

https://www.bmc.com/blogs/saas-vs-paas-vs-iaas-whats-the-difference-and-how-to-choose/



A security analyst detected a malicious PowerShell attack on a single server. The malware used the Invoke-Expression function to execute an external malicious script. The security analyst scanned the disk with an antivirus application and did not find any IOCs. The security analyst now needs to deploy a protection solution against this type of malware.
Which of the following BEST describes the type of malware the solution should protect against?

  1. Worm
  2. Logic bomb
  3. Fileless
  4. Rootkit

Answer(s): C



Viewing page 22 of 127
Viewing questions 106 - 110 out of 645 questions



Post your Comments and Discuss CompTIA CAS-004 exam dumps with other Community members:

CAS-004 Exam Discussions & Posts

AI Tutor AI Tutor 👋 I’m here to help!