
CompTIA CAS-004 Online Access

Page: 6 / 38
Total 506 questions

CompTIA Advanced Security Practitioner (CASP+) Exam Questions and Answers

Question 21

The IT team suggests the company would save money by using self-signed certificates, but the security team indicates the company must use digitally signed third-party certificates. Which of the following is a valid reason to pursue the security team's recommendation?

Options:

A. PKCS #10 is still preferred over PKCS #12.

B. Private-key CSR signage prevents on-path interception.

C. There is more control in using a local certificate over a third-party certificate.

D. There is minimal benefit in using a certificate revocation list.

Question 22

A Chief Information Security Officer is concerned about the condition of the code security being used for web applications. It is important to get the review right the first time, and the company is willing to use a tool that will allow developers to validate code as it is written. Which of the following methods should the company use?

Options:

A. SAST

B. DAST

C. Fuzz testing

D. Intercepting proxy

Question 23

Two companies that recently merged would like to unify application access between the companies, without initially merging internal authentication stores. Which of the following technical strategies would best meet this objective?

Options:

A. Federation

B. RADIUS

C. TACACS+

D. MFA

E. ABAC

Question 24

When implementing serverless computing, an organization must still account for:

Options:

A. the underlying computing network infrastructure

B. hardware compatibility

C. the security of its data

D. patching the service
