CASP+ 4 EXAM 2025 QUESTIONS AND ANSWERS

An organization is currently performing a market scan for managed security services
and EDR capability. Which of the following business documents should be released to
the prospective vendors in the first step of the process? (Choose two.)
A. MSA
B. RFP
C. NDA
D. RFI
E. MOU
F. RFQ
ANSWER: NDA; RFI

A security analyst, who is working in a Windows environment, has noticed a significant
amount of IPv6 traffic originating from a client, even though IPv6 is not currently in use.
The client is a stand-alone device, not connected to the AD that manages a series of
SCADA devices used for manufacturing. Which of the following is the appropriate
command to disable the client's IPv6 stack?
ANSWER: C:\>reg add HKLM\system\CurrentControlSet\services\TCPIP6\Parameters /v DisabledComponents /t REG_DWORD /d 255 /f

©️ 2025, ALL RIGHTS RESERVED

When reviewing KRIs of the email security appliance with the Chief Information
Security Officer (CISO) of an insurance company, the security engineer notices the
following: [Exhibit not included.]
Which of the following measures should the security engineer take to ensure PII is not
intercepted in transit while also preventing interruption to business?
A. Quarantine emails sent to external domains containing PII and release after
inspection.
B. Prevent PII from being sent to domains that allow users to sign up for free webmail.
C. Enable transport layer security on all outbound email communications and
attachments.
D. Provide security awareness training regarding transmission of PII.
ANSWER: Enable transport layer security on all outbound email communications and attachments.

A security administrator is troubleshooting RADIUS authentication issues from a newly
implemented controller-based wireless deployment. The RADIUS server contains the
following information in its logs: [Exhibit not included.]
Based on this information, the administrator reconfigures the RADIUS server, which
results in the following log data: [Exhibit not included.]
To correct this error message, the administrator makes an additional change to the
RADIUS server. Which of the following did the administrator reconfigure on the
RADIUS server? (Choose two.)
A. Added the controller address as an authorized client
B. Registered the RADIUS server to the wireless controller
C. Corrected a mismatched shared secret
D. Renewed the expired client certificate
E. Reassigned the RADIUS policy to the controller
F. Modified the client authentication method
ANSWER: Added the controller address as an authorized client; Corrected a mismatched shared secret

An organization is improving its web services to enable better customer engagement and
self-service. The organization has a native mobile application and a rewards portal
provided by a third party. The business wants to provide customers with the ability to log
in once and have SSO between each of the applications. The integrity of the identity is
important so it can be propagated through to back-end systems to maintain a consistent
audit trail. Which of the following authentication and authorization types BEST meet the
requirements? (Choose two.)
A. SAML
B. Social login
C. OpenID Connect
D. XACML
E. SPML
F. OAuth
ANSWER: SAML; OAuth

After the departure of a developer under unpleasant circumstances, the company is
concerned about the security of the software to which the developer has access. Which of
the following is the BEST way to ensure security of the code following the incident?
A. Hire an external red team to conduct black box testing
B. Conduct a peer review and cross reference the SRTM
C. Perform white-box testing on all impacted finished products
D. Perform regression testing and search for suspicious code
ANSWER: Hire an external red team to conduct black box testing