CompTIA CAS-004 CompTIA Advanced Security Practitioner (CASP+) Exam Practice Test

Answer : D

A Virtual Desktop Infrastructure (VDI) solution meets all the listed requirements: reducing patch management, using standard configurations, allowing for custom resource configurations, and providing access from multiple device types. VDI allows centralized management of desktop environments, where patches and updates can be applied once and distributed across all virtual desktops. It also supports flexible resource configurations and secure remote access from various devices. CASP+ highlights VDI as a solution for centralized, secure desktop management that meets modern enterprise needs for mobility and security.

CASP+ CAS-004 Exam Objectives: Domain 3.0 -- Enterprise Security Architecture (VDI for Secure Remote Desktop Management)

CompTIA CASP+ Study Guide: Virtual Desktop Infrastructure for Centralized Management and Security

Answer : D

The best way to reduce the risk of terminated employees' accounts not being disabled is to automate the process by integrating Active Directory (AD) with the human resources information system (HRIS). By automating this integration, when an employee's termination date is updated in the HRIS, the corresponding account in AD is automatically disabled, reducing the risk of accounts being left active after an employee leaves the organization. CASP+ highlights the importance of automating security processes, especially for user access management, to minimize human error and ensure timely action.

CASP+ CAS-004 Exam Objectives: Domain 2.0 -- Enterprise Security Operations (Automation of User Access Management)

CompTIA CASP+ Study Guide: Integration of HR Systems and Active Directory for Account Management

Answer : A

Embedded facility automation systems are often difficult to upgrade because they are constrained by available compute. These systems typically have limited processing power, memory, and storage, which restricts the ability to implement modern security measures, such as encryption, software updates, or advanced security controls. Security engineers may be unable to apply patches or updates without exceeding the system's capacity. CASP+ discusses the challenges posed by resource-constrained devices, particularly in embedded systems and IoT environments, where upgrading security can be difficult due to hardware limitations.

CASP+ CAS-004 Exam Objectives: Domain 3.0 -- Enterprise Security Architecture (Embedded System Security and Constraints)

CompTIA CASP+ Study Guide: Managing Security for Resource-Constrained Embedded Systems

Answer : B

A Service Level Agreement (SLA) is the document used to specify due dates for the remediation of high- and critical-priority findings. SLAs outline the responsibilities of the service provider, including time frames for addressing issues or vulnerabilities, based on their severity. By setting clear timelines for remediation, SLAs ensure that critical security vulnerabilities are addressed in a timely manner. CASP+ emphasizes the importance of SLAs in maintaining accountability for security operations and ensuring compliance with organizational security policies.

CASP+ CAS-004 Exam Objectives: Domain 1.0 -- Risk Management (SLAs and Security Management)

CompTIA CASP+ Study Guide: SLAs for Security Vulnerability Management

Answer : B

The data owner is best qualified to classify systems and data in accordance with external requirements. The data owner is responsible for determining how data should be classified based on its sensitivity, value, and regulatory requirements. They have the authority to decide on classification levels such as public, confidential, or secret, and ensure compliance with external standards. Other roles, like data custodians or processors, support the implementation of data management, but the data owner has the final responsibility for classification. CASP+ highlights the role of data owners in determining data classification and ensuring compliance with external requirements.

CASP+ CAS-004 Exam Objectives: Domain 1.0 -- Risk Management (Data Classification and Data Owner Responsibilities)

CompTIA CASP+ Study Guide: Data Classification and Governance Responsibilities of the Data Owner

Answer : E

Caching is the most appropriate solution to improve response time for static content, such as sponsor-related data on the entry pages. Caching stores frequently accessed data closer to users, reducing the need to retrieve it from the database repeatedly. This results in faster load times, especially during high-traffic events. While scalability (horizontal or vertical) might address overall system performance, caching specifically targets improving the speed of accessing static content. CASP+ emphasizes caching as a performance optimization technique for handling high-demand, static web content.

CASP+ CAS-004 Exam Objectives: Domain 3.0 -- Enterprise Security Architecture (Performance Optimization and Caching)

CompTIA CASP+ Study Guide: Optimizing Web Application Performance with Caching

Answer : A

An API gateway is the best solution to meet the specified requirements for securely providing public access to specific data. An API gateway allows the administrator to control HTTP methods like POST and GET, ensure secure transmission via TLS 1.2 or greater, and enforce authentication using bearer tokens. It also allows access control by specifying URLs for different types of data. API gateways centralize security and traffic management for APIs, making them ideal for this type of secure access scenario. CASP+ emphasizes the importance of API gateways in managing and securing web application interfaces.

CASP+ CAS-004 Exam Objectives: Domain 3.0 -- Enterprise Security Architecture (API Security and API Gateways)

CompTIA CASP+ Study Guide: Securing Web Application Interfaces with API Gateways