CAS-004 Online Practice Questions

Home / CompTIA / CAS-004

Latest CAS-004 Exam Practice Questions

The practice questions for CAS-004 exam was last updated on 2025-04-26 .

Viewing page 1 out of 38 pages.

Viewing questions 1 out of 191 questions.

Question#1

Over the last 90 days, many storage services has been exposed in the cloud services environments, and the security team does not have the ability to see is creating these instance. Shadow IT is creating data services and instances faster than the small security team can keep up with them. The Chief information security Officer (CIASO) has asked the security officer (CISO) has asked the security lead architect to architect to recommend solutions to this problem.
Which of the following BEST addresses the problem best address the problem with the least amount of administrative effort?

A. Compile a list of firewall requests and compare than against interesting cloud services.
B. Implement a CASB solution and track cloud service use cases for greater visibility.
C. Implement a user-behavior system to associate user events and cloud service creation events.
D. Capture all log and feed then to a SIEM and then for cloud service events

Question#2

In order to authenticate employees who, call in remotely, a company's help desk staff must be able to view partial Information about employees because the full information may be considered sensitive.
Which of the following solutions should be implemented to authenticate employees?

A. Data scrubbing
B. Field masking
C. Encryption in transit
D. Metadata

Explanation:
Field masking is a technique that hides or obscures part of the information in a data field, such as a password, credit card number, or social security number. Field masking can be used to protect sensitive or confidential data from unauthorized access or disclosure, while still allowing authorized users to view or verify the data.
Field masking should be implemented to authenticate employees who call in remotely by allowing the help desk staff to view partial information about employees, because field masking would: Enable the help desk staff to verify the identity of the employees by asking them to provide some characters or digits from their data fields, such as their employee ID or email address.
Prevent the help desk staff from viewing the full information about employees, which may be considered sensitive and subject to privacy regulations or policies.
Reduce the risk of data leakage, theft, or misuse by limiting the exposure of sensitive data to only those who need it.

Question#3

A global organization's Chief Information Security Officer (CISO) has been asked to analyze the risks involved in a plan to move the organization's current MPLS-based WAN network to use commodity Internet and SD-WAN hardware. The SD-WAN provider is currently highly regarded but Is a regional provider.
Which of the following is MOST likely identified as a potential risk by the CISO?

A. The SD-WAN provider would not be able to handle the organization's bandwidth requirements.
B. The operating costs of the MPLS network are too high for the organization.
C. The SD-WAN provider uses a third party for support.
D. Internal IT staff will not be able to properly support remote offices after the migration.

Explanation:
SD-WAN (Software-Defined Wide Area Network) is a technology that allows organizations to use multiple, low-cost Internet connections to create a secure and dynamic WAN. SD-WAN can provide benefits such as lower costs, higher performance, and easier management compared to traditional WAN technologies, such as MPLS (Multiprotocol Label Switching).
However, SD-WAN also introduces some potential risks, such as:
The reliability and security of the Internet connections, which may vary depending on the location, provider, and traffic conditions.
The compatibility and interoperability of the SD-WAN hardware and software, which may come from different vendors or use different standards.
The availability and quality of the SD-WAN provider’s support, which may depend on the provider’s size, reputation, and outsourcing practices.
In this case, the CISO would most likely identify the risk that the SD-WAN provider uses a third party for support, because this could:
Affect the organization’s ability to resolve issues or request changes in a timely and effective manner. Expose the organization’s network data and configuration to unauthorized or malicious parties. Increase the complexity and uncertainty of the SD-WAN service level agreement (SLA) and contract terms.

Question#4

An organization’s hunt team thinks a persistent threats exists and already has a foothold in the enterprise network.
Which of the following techniques would be BEST for the hunt team to use to entice the adversary to uncover malicious activity?

A. Deploy a SOAR tool.
B. Modify user password history and length requirements.
C. Apply new isolation and segmentation schemes.
D. Implement decoy files on adjacent hosts.

Explanation:
Implementing decoy files on adjacent hosts is a technique that can entice the adversary to uncover malicious activity, as it can lure them into accessing fake or irrelevant data that can trigger an alert or reveal their presence. Decoy files are also known as honey files or honeypots, and they are part of deception technology. Deploying a SOAR (Security Orchestration Automation and Response) tool may not entice the adversary to uncover malicious activity, as SOAR is mainly focused on automating and streamlining security operations, not deceiving attackers. Modifying user password history and length requirements may not entice the adversary to uncover malicious activity, as it could affect legitimate users and not reveal the attacker’s actions. Applying new isolation and segmentation schemes may not entice the adversary to uncover malicious activity, as it could limit their access and movement, but not expose their presence.
Verified Reference:
https://www.comptia.org/blog/what-is-deception-technology
https://partners.comptia.org/docs/default-source/resources/casp-content-guide

Question#5

A company’s employees are not permitted to access company systems while traveling internationally. The company email system is configured to block logins based on geographic location, but some employees report their mobile phones continue to sync email traveling.
Which of the following is the MOST likely explanation? (Select TWO.)

A. Outdated escalation attack
B. Privilege escalation attack
C. VPN on the mobile device
D. Unrestricted email administrator accounts
E. Chief use of UDP protocols
F. Disabled GPS on mobile devices

Exam Code: CAS-004Q & A: 553 Q&AsUpdated:  2025-04-26

 Get All CAS-004 Q&As

Top 20 Exams

CertQuestionsBank doesn't offer Real Microsoft, Amazon, Cisco Exam Questions. All CertQuestionsBank content is sourced from the Internet.

Important Links

Know Us

Follow Us

Copyright © 2025 CertQuestionsBank NETWORK CO.,LIMITED. All Rights Reserved.