CompTIA CAS-004 Exam Practice Test Instant Access

Question 1

A software development company makes Its software version available to customers from a web portal. On several occasions, hackers were able to access the software repository to change the package that is automatically published on the website. Which of the following would be the BEST technique to ensure the software the users download is the official software released by the company?

ADistribute the software via a third-party repository.

BClose the web repository and deliver the software via email.

CEmail the software link to all customers.

DDisplay the SHA checksum on the website.

Answer : D

Question 2

A large number of emails have been reported, and a security analyst is reviewing the following information from the emails:

As part of the image process, which of the following is the FIRST step the analyst should take?

ABlock the email address carl b@comptia1 com, as it is sending spam to subject matter experts

BValidate the final 'Received' header against the DNS entry of the domain.

CCompare the 'Return-Path' and 'Received' fields.

DIgnore the emails, as SPF validation is successful, and it is a false positive

Answer : C

Question 3

A security team receives alerts regarding impossible travel and possible brute-force attacks after normal business hours. After reviewing more logs, the team determines that specific users were targeted and attempts were made to transfer data to an unknown site. Which of the following should the team do to help mitigate these issues?

ACreate a firewall rule to prevent those users from accessing sensitive data

BRestrict uploading activity to only authorized sites.

CEnable packet captures to continue to run for the source and destination related to the file transfer

DDisable login activity for those users after business hours.

Answer : B

Question 4

An organization is referencing NIST best practices for BCP creation while reviewing current internal organizational processes for mission-essential items.

Which of the following phases establishes the identification and prioritization of critical systems and functions?

AReview a recent gap analysis.

BPerform a cost-benefit analysis.

CConduct a business impact analysis.

DDevelop an exposure factor matrix.

Answer : C

According to NIST SP 800-34 Rev. 1, a business impact analysis (BIA) is a process that identifies and evaluates the potential effects of natural and man-made events on organizational operations.The BIA enables an organization to determine which systems and processes are essential to the organization's mission and prioritize their recovery time objectives (RTOs) and recovery point objectives (RPOs).12

Question 5

A security consultant needs to set up wireless security for a small office that does not have Active Directory. Despite the lack of central account management, the office manager wants to ensure a high level of defense to prevent brute-force attacks against wireless authentication. Which of the following technologies wouldbestmeet this need?

AFaraday cage

BWPA2 PSK

CWPA3 SAE

DWEP 128 bit

Answer : C

Comprehensive and Detailed in-Depth

Why the Correct Answer is C (WPA3 SAE):

WPA3 SAE (Simultaneous Authentication of Equals)is the most advanced method for wireless security in small office environments without centralized authentication (like Active Directory).

It addressesbrute-force attacksthroughforward secrecyand theDragonfly key exchangemethod, making it resistant to dictionary attacks and offline cracking.

WPA3 SAEenhances security by protecting against password-guessing attacks even when a weak password is chosen.

Additionally,WPA3 SAEeliminates the vulnerabilities found in WPA2-PSK by using amore secure key exchange mechanism.

Why the Other Options Are Incorrect:

A . Faraday cage:

A Faraday cage can block wireless signals entirely, but it does not provide asecurity protocolfor wireless authentication.

It's primarily used forsignal isolationrather than securing wireless communication.

B . WPA2 PSK:

AlthoughWPA2 PSK (Pre-Shared Key)is widely used, it is vulnerable tobrute-force and offline dictionary attacks, especially when weak passwords are used.

WPA2 does not includeprotection against offline password cracking, which is a significant concern.

D . WEP 128 bit:

WEP (Wired Equivalent Privacy)is extremely outdated and insecure.

It uses theRC4 stream cipher, which is prone toIV (Initialization Vector) collisionsandkey recovery attacks.

Modern tools can crack WEP keys within minutes, making it highly unsuitable.

Additional Information:

WPA3 SAEis particularly designed for environments where there is no centralized authentication server (likeActive Directory), which fits the small office scenario perfectly.

TheDragonfly handshakeused by WPA3 SAE prevents offline brute-force attacks by usingpassword-based authenticated key exchange.

Even if an attacker captures the handshake, they cannot easily performoffline dictionary attacksdue toindividualized encryptionfor each session.

Extract from CompTIA SecurityX CAS-005 Study Guide:

According to theCompTIA SecurityX CAS-005 Official Study Guide, WPA3 offers improved security over WPA2 by providingrobust protection against password guessing attacks, especially in environments without enterprise-grade authentication mechanisms. TheSAE protocolis highlighted as essential forpersonal and small office wireless networkswhere enhanced security is required without the complexity of a RADIUS server.

Question 6

A security architect is given the following requirements to secure a rapidly changing enterprise with an increasingly distributed and remote workforce

* Cloud-delivered services

* Full network security stack

* SaaS application security management

* Minimal latency for an optimal user experience

* Integration with the cloud 1AM platform

Which of the following is the BEST solution?

ARouting and Remote Access Service (RRAS)

BNGFW

CManaged Security Service Provider (MSSP)

DSASE

Answer : D

Question 7

An organization is prioritizing efforts to remediate or mitigate risks identified during the latest assessment. For one of the risks, a full remediation was not possible, but the organization was able to successfully apply mitigations to reduce the likelihood of impact.

Which of the following should the organization perform NEXT?

AAssess the residual risk.

BUpdate the organization's threat model.

CMove to the next risk in the register.

DRecalculate the magnitude of impact.

Answer : A

CompTIA Advanced Security Practitioner (CASP+) CAS-004 Exam Practice Test