Summer Sale - Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpm65

CAS-005 CompTIA SecurityX Certification Exam Questions and Answers

Questions 4

An organization is researching the automation capabilities for systems within an OT network. A security analyst wants to assist with creating secure coding practices and would like to learn about the programming languages used on the PLCs. Which of the following programming languages is the most relevant for PLCs?

Options:

A.

Ladder logic

B.

Rust

C.

C

D.

Python

E.

Java

Buy Now
Questions 5

A company is preparing to move a new version of a web application to production. No issues were reported during security scanning or quality assurance in the CI/CD pipeline. Which of the following actions should thecompany take next?

Options:

A.

Merge the test branch to the main branch

B.

Perform threat modeling on the production application

C.

Conduct unit testing on the submitted code

D.

Perform a peer review on the test branch

Buy Now
Questions 6

Recent repents indicate that a software tool is being exploited Attackers were able to bypass user access controls and load a database. A security analyst needs to find the vulnerability and recommend a mitigation. The analyst generates the following output:

CAS-005 Question 6

Which of the following would the analyst most likely recommend?

Options:

A.

Installing appropriate EDR tools to block pass-the-hash attempts

B.

Adding additional time to software development to perform fuzz testing

C.

Removing hard coded credentials from the source code

D.

Not allowing users to change their local passwords

Buy Now
Questions 7

A security analystreviews the following report:

CAS-005 Question 7

Which of the following assessments is the analyst performing?

Options:

A.

System

B.

Supply chain

C.

Quantitative

D.

Organizational

Buy Now
Questions 8

Which of the following security risks should be considered as an organization reduces cost and increases availability of services by adopting serverless computing?

Options:

A.

Level of control and influence governments have over cloud service providers

B.

Type of virtualization or emulation technology used in the provisioning of services

C.

Vertical scalability of the infrastructure underpinning the serverless offerings

D.

Use of third-party monitoring of service provisioning and configurations

Buy Now
Questions 9

A company is having issues with its vulnerability management program New devices/lPs are added and dropped regularly, making the vulnerability report inconsistent Which of the following actions should the company lake to most likely improve the vulnerability management process'

Options:

A.

Request a weekly report with all new assets deployed and decommissioned

B.

Extend the DHCP lease lime to allow the devices to remain with the same address for a longer period.

C.

Implement a shadow IT detection process to avoid rogue devices on the network

D.

Perform regular discovery scanning throughout the 11 landscape using the vulnerability management tool

Buy Now
Questions 10

A company plans to implement a research facility with Intellectual property data that should be protected The following is the security diagram proposed by the security architect

CAS-005 Question 10

Which of the following security architect models is illustrated by the diagram?

Options:

A.

Identity and access management model

B.

Agent based security model

C.

Perimeter protection security model

D.

Zero Trust security model

Buy Now
Questions 11

A security engineer performed a code scan that resulted in many false positives. The security engineer must find asolution that improves the quality of scanning results before application deployment. Which of the following is the best solution?

Options:

A.

Limiting the tool to a specific coding language and tuning the rule set

B.

Configuring branch protection rules and dependency checks

C.

Using an application vulnerability scanner to identify coding flaws in production

D.

Performing updates on code libraries before code development

Buy Now
Questions 12

Which of the following best describes a common use case for homomorphic encryption?

Options:

A.

Processing data on a server after decrypting in order to prevent unauthorized access in transit

B.

Maintaining the confidentiality of data both at rest and in transit to and from a CSP for processing

C.

Transmitting confidential data to a CSP for processing on a large number of resources without revealing information

D.

Storing proprietary data across multiple nodes in a private cloud to prevent access by unauthenticated users

Buy Now
Questions 13

A global manufacturing company has an internal application mat is critical to making products This application cannot be updated and must Beavailable in the production area A security architect is implementing security for the application. Which of the following best describes the action the architect should take-?

Options:

A.

Disallow wireless access to the application.

B.

Deploy Intrusion detection capabilities using a network tap

C.

Create an acceptable use policy for the use of the application

D.

Create a separate network for users who need access to the application

Buy Now
Questions 14

A company wants to modify its process to comply with privacy requirements after an incident involving PII data in a development environment. In order to perform functionality tests, the QA team still needs to use valid data in the specified format. Which of the following best addresses the risk without impacting the development life cycle?

Options:

A.

Encrypting the data before moving into the QA environment

B.

Truncating the data to make it not personally identifiable

C.

Using a large language model to generate synthetic data

D.

Utilizing tokenization for sensitive fields

Buy Now
Questions 15

Which of the following best explains the business requirement a healthcare provider fulfills by encrypting patient data at rest?

Options:

A.

Securing data transfer between hospitals

B.

Providing for non-repudiation data

C.

Reducing liability from identity theft

D.

Protecting privacy while supporting portability.

Buy Now
Questions 16

Which of the following best describes the reason PQC preparation is important?

Options:

A.

To protect data against decryption due to increases in computational resource availability

B.

To have larger key lengths available through key stretching

C.

To improve encryption performance and speed using lightweight cryptography

D.

To leverage asymmetric encryption for large amounts of data

Buy Now
Questions 17

A systems administrator wants to use existing resources to automate reporting from disparate security appliances that do not currently communicate. Which of the following is the best way to meet this objective?

Options:

A.

Configuring an API Integration to aggregate the different data sets

B.

Combining back-end application storage into a single, relational database

C.

Purchasing and deploying commercial off the shelf aggregation software

D.

Migrating application usage logs to on-premises storage

Buy Now
Questions 18

A developer makes a small change to a resource allocation module on a popular social media website and causes a memory leak. During a peak utilization period, several web servers crash, causing the website to go offline. Which of the following testing techniques is the most efficient way to prevent this from reoccurring?

Options:

A.

Load

B.

Smoke

C.

Regression

D.

Canary

Buy Now
Questions 19

A security architect must make sure that the least number of services as possible is exposed in order to limit an adversary's ability to access the systems. Which of the following should the architect do first?

Options:

A.

Enforce Secure Boot.

B.

Performattack surface reduction.

C.

Disable third-party integrations.

D.

Limit access to the systems.

Buy Now
Questions 20

An external threat actor attacks public infrastructure providers. In response to the attack and during follow-up activities, various providers share information obtained during response efforts. After the attack, energy sector companies share their status and response data:

Company

SIEM

UEBA

DLP

ISAC Member

TIP Integration

Time to Detect

Time to Respond

1

Yes

No

Yes

Yes

Yes

10 minutes

20 minutes

2

Yes

Yes

Yes

Yes

No

20 minutes

40 minutes

3

Yes

Yes

No

No

Yes

12 minutes

24 minutes

Which of thefollowing is the most important issue to address to defend against future attacks?

Options:

A.

Failure to implement a UEBA system

B.

Failure to implement a DLP system

C.

Failure to join the industry ISAC

D.

Failure to integrate with the TIP

Buy Now
Questions 21

A company wants to install a three-tier approach to separate the web. database, and application servers A security administrator must harden the environment which of the following is the best solution?

Options:

A.

Deploying a VPN to prevent remote locations from accessing server VLANs

B.

Configuring a SASb solution to restrict users to server communication

C.

Implementing microsegmentation on the server VLANs

D.

installing a firewall and making it the network core

Buy Now
Questions 22

A global organization wants to manage all endpoint and user telemetry. The organization also needs to differentiate this data based on which office it is correlated to. Which of the following strategies best aligns with this goal?

Options:

A.

Sensor placement

B.

Data labeling

C.

Continuous monitoring

D.

Centralized logging

Buy Now
Questions 23

Employees use their badges to track the number of hours they work. The badge readers cannot be upgraded due to facility constraints. The software for the badge readers uses a legacy platform and requires connectivity to the enterprise resource planning solution. Which of the following is the best to ensure the security of the badge readers?

Options:

A.

Segmentation

B.

Vulnerability scans

C.

Anti-malware

Buy Now
Questions 24

A security analyst received anotification from a cloud service provider regarding an attack detected on a web server The cloud service provider shared the following information about the attack:

• The attack came from inside the network.

• The attacking source IP was from the internal vulnerability scanners.

• The scanner is not configured to target the cloud servers.

Which of the following actions should the security analyst take first?

Options:

A.

Create an allow list for the vulnerability scanner IPs m order to avoid false positives

B.

Configure the scan policy to avoid targeting an out-of-scope host

C.

Set network behavior analysis rules

D.

Quarantine the scanner sensor to perform a forensic analysis

Buy Now
Questions 25

Which of the following best describes the reason a network architect would enable forward secrecy on all VPN tunnels?

Options:

A.

This process is a requirement to enable hardware-accelerated cryptography.

B.

This process reduces the success of attackers performing cryptanalysis.

C.

The business requirements state that confidentiality is a critical success factor.

D.

Modern cryptographic protocols list this process as a prerequisite for use.

Buy Now
Questions 26

A company finds logs with modified time stamps when compared to other systems. The security team decides to improve logging and auditing for incident response. Which of the following should the team do to best accomplish this goal?

Options:

A.

Integrate a file-monitoring tool with the SIEM.

B.

Change the log solution and integrate it with the existing SIEM.

C.

Implement a central logging server, allowing only log ingestion.

D.

Rotate and back up logs every 24 hours, encrypting the backups.

Buy Now
Questions 27

A product development team has submitted code snippets for review prior to release.

INSTRUCTIONS

Analyze the code snippets, and then select one vulnerability, and one fix for each code snippet.

Code Snippet 1

CAS-005 Question 27

Code Snippet 2

CAS-005 Question 27

Vulnerability 1:

SQL injection

Cross-site request forgery

Server-side request forgery

Indirect object reference

Cross-site scripting

Fix 1:

Perform input sanitization of the userid field.

Perform output encoding of queryResponse,

Ensure usex:ia belongs to logged-in user.

Inspect URLS and disallow arbitrary requests.

Implementanti-forgery tokens.

Vulnerability 2

1) Denial of service

2) Command injection

3) SQL injection

4) Authorization bypass

5) Credentials passed via GET

Fix 2

A) Implement prepared statements and bind

variables.

B) Remove the serve_forever instruction.

C) Prevent the "authenticated" value from being overridden by a GET parameter.

D) HTTP POST should be used for sensitive parameters.

E) Perform input sanitization of the userid field.

Options:

Buy Now
Questions 28

A security analyst is reviewing the following vulnerability assessment report:

192.168.1.5, Host = Server1, CVSS 7.5, Web Server, Remotely Executable = Yes, Exploit = Yes

205.1.3.5, Host = Server2, CVSS 6.5, Bind Server, Remotely Executable = Yes, Exploit = POC

207.1.5.7, Host = Server3, CVSS 5.5, Email Server, Remotely Executable = Yes, Exploit = Yes

192.168.1.6, Host = Server4, CVSS 9.8, Domain Controller, Remotely Executable = Yes, Exploit = Yes

Which of the following should be patched first to minimize attacks against internet-facing hosts?

Options:

A.

Server1

B.

Server2

C.

Server3

D.

Server4

Buy Now
Questions 29

A security analyst is reviewing the following authentication logs:

CAS-005 Question 29

Which of thefollowing should the analyst do first?

Options:

A.

Disable User2's account

B.

Disable User12's account

C.

Disable User8's account

D.

Disable User1's account

Buy Now
Questions 30

Which of the following supports the process of collecting a large pool of behavioral observations to inform decision-making?

Options:

A.

Linear regression

B.

Distributed consensus

C.

Big Data

D.

Machine learning

Buy Now
Questions 31

Embedded malware has been discovered in a popular PDF reader application and is currently being exploited in the wild. Because the supply chain was compromised, this malware is present in versions 10.0 through 10.3 of the software's official versions. The malware is not present in version 10.4.

Since the details around this malware are still emerging, the Chief Information Security Officer has asked the senior security analyst to collaborate with the IT asset inventory manager to find instances of the installed software in order to begin response activities. The asset inventory manager has asked an analyst to provide a regular expression that will identify the affected versions. The software installation entries are formatted as follows:

Reader 10.0

Reader 10.1

Reader 10.2

Reader 10.3

Reader 10.4

Which of the following regular expression entries will accuratelyidentify all the affected versions?

Options:

A.

Reader(*)[1][0].[0-4:

B.

Reader[11[01X.f0-3'

C.

Reader( )[1][0].[0-3:

D.

Reader( )[1][0] X.[1-3:

Buy Now
Questions 32

A security officer received several complaints from usersabout excessive MPA push notifications at night The security team investigates and suspects malicious activities regarding user account authentication Which of the following is the best way for the security officer to restrict MI~A notifications''

Options:

A.

Provisioning FID02 devices

B.

Deploying a text message based on MFA

C.

Enabling OTP via email

D.

Configuring prompt-driven MFA

Buy Now
Questions 33

A financial technology firm works collaboratively with business partners in the industry to share threat intelligence within a central platform This collaboration gives partner organizations the ability to obtain and share data associated with emerging threats from a variety of adversaries Which of the following should the organization most likely leverage to facilitate this activity? (Select two).

Options:

A.

CWPP

B.

YAKA

C.

ATTACK

D.

STIX

E.

TAXII

F.

JTAG

Buy Now
Questions 34

A security team determines that the most significant risks within the pipeline are:

• Unauthorized code changes

• The current inability to perform independent verification of software modules

Which of the following best addresses these concerns?

Options:

A.

Code signing

B.

Digital signatures

C.

Non-repudiation

D.

Lightweight cryptography

Buy Now
Questions 35

A social media company wants to change encryption ciphers after identifying weaknesses in the implementation of the existing ciphers. The company needs the new ciphers to meet the following requirements:

• Utilize less RAM than competing ciphers.

• Be more CPU-efficient than previous ciphers.

• Require customers to use TLS 1.3 while broadcasting video or audio.

Which of the following is the best choice for the social media company?

Options:

A.

IDEA-CBC

B.

AES-GCM

C.

ChaCha20-Poly1305

D.

Camellia-CBC

Buy Now
Questions 36

A security engineer discovers that some legacy systems are still in use or were not properly decommissioned. After further investigation, the engineer identifies that an unknown and potentially malicious server is also sending emails on behalf of the company. The security engineer extracts the following data for review:

CAS-005 Question 36

Which of the following actions should the security engineer take next? (Select two).

Options:

A.

Rotate the DKIM selector to use another key.

B.

Change the DMARC policy to reject and remove references to the server.

C.

Remove the unnecessary servers from the SPF record.

D.

Change the SPF record to enforce the hard fail parameter.

E.

Update the MX record to contain only the primary email server.

F.

Change the DMARC policy to none and monitor email flow to establish a new baseline.

Buy Now
Questions 37

A security engineer must ensure that sensitive corporate information is not exposed if a company laptop is stolen. Which of the following actions best addresses this requirement?

Options:

A.

Utilizing desktop as a service for all company data and multifactor authentication

B.

Using explicit allow lists of specific IP addresses and deploying single sign-on

C.

Deploying mobile device management and requiring stronger passwords

D.

Updating security mobile reporting policies and monitoring data breaches

Buy Now
Questions 38

A company that relies on an COL system must keep it operating until a new solution is available Which of the following is the most secure way to meet this goal?

Options:

A.

Isolating the system and enforcing firewall rules to allow access to only required endpoints

B.

Enforcing strong credentials and improving monitoring capabilities

C.

Restricting system access to perform necessary maintenance by the IT team

D.

Placing the system in a screened subnet and blocking access from internal resources

Buy Now
Questions 39

You are tasked with integrating a new B2B client application with an existing OAuth workflow that must meet the following requirements:

. The application does not need to know the users' credentials.

. An approval interaction between the users and theHTTP service must be orchestrated.

. The application must have limited access to users' data.

INSTRUCTIONS

Use the drop-down menus to select the action items for the appropriate locations. All placeholders must be filled.

CAS-005 Question 39

CAS-005 Question 39

Options:

Buy Now
Questions 40

A systems engineer is configuring a system baseline for servers that will provide email services. As part of the architecture design, the engineer needs to improve performance of the systems by using an access vector cache, facilitating mandatory access control and protecting against:

• Unauthorized reading and modification of data and programs

• Bypassing application security mechanisms

• Privilege escalation

• interference with other processes

Which of the following is the most appropriate for the engineer to deploy?

Options:

A.

SELinux

B.

Privileged access management

C.

Self-encrypting disks

D.

NIPS

Buy Now
Questions 41

A threat hunter is identifying potentially malicious activity associated with an APT. When the threat hunter runs queries against the SIEM platform with a date range of 60 to 90 days ago, the involved account seems to be typically most active in the evenings. When the threat hunter reruns the same query with a date range of 5 to 30 days ago, the account appears to be most active in the early morning. Which of the following techniques is the threat hunter using to better understand the data?

Options:

A.

TTP-based inquiries

B.

User behavior analytics

C.

Adversary emulation

D.

OSINT analysis activities

Buy Now
Questions 42

An enterprise is deploying APIs that utilize a private key and a public key to ensure the connection string is protected. To connect to the API, customers must use the private key. Which of the following would best secure the REST API connection to the database while preventing the use of a hard-coded string in the request string?

Options:

A.

Implement a VPN for all APIs

B.

Sign the key with DSA

C.

Deploy MFA for the service accounts

D.

Utilize HMAC for the keys

Buy Now
Questions 43

After a penetration test on the internal network, the following report was generated:

Attack Target Result

Compromised host ADMIN01S.CORP.LOCAL Successful

Hash collected KRBTGT.CORP.LOCAL Successful

Hash collected SQLSV.CORP.LOCAL Successful

Pass the hash SQLSV.CORP.LOCAL Failed

Domain control CORP.LOCAL Successful

Which of the following should be recommended to remediate the attack?

Options:

A.

Deleting SQLSV

B.

Reimaging ADMIN01S

C.

Rotating KRBTGT password

D.

Resetting the local domain

Buy Now
Questions 44

An external SaaS solution user reports a bug associated with the role-based access control module. This bug allows users to bypass system logic associated with client segmentation in the multitenant deployment model. When assessing the bug report, the developer finds that the same bug was previously identified and addressed in an earlier release. The developer then determines the bug was reintroduced when an existing software component was integrated from a prior version of the platform. Which of the following is the best way to prevent this scenario?

Options:

A.

Regression testing

B.

Code signing

C.

Automated test and retest

D.

User acceptance testing

E.

Software composition analysis

Buy Now
Questions 45

A building camera is remotely accessed and disabled from the remote console application during off-hours. A security analyst reviews the following logs:

CAS-005 Question 45

Which of the following actions should the analyst take to best mitigate the threat?

Options:

A.

Implement WAF protection for the web application.

B.

Upgrade the firmware on the camera.

C.

Only allowconnections from approved IPs.

D.

Block IP 104.18.16.29 on the firewall.

Buy Now
Questions 46

Which of the following best explains the business requirement a healthcare provider fulfills by encrypting patient data at rest?

Options:

A.

Securing data transfer between hospitals

B.

Providing for non-repudiation of data

C.

Reducing liability from identity theft

D.

Protecting privacy while supporting portability

Buy Now
Questions 47

A company reduced its staff 60 days ago, and applications are now starting to fail. The security analyst is investigating to determine if there is malicious intent for the application failures. The security analyst reviews the following logs:

22:03:50 sshd[21502]: Success login for user01 from 192.168.2.5

22:10:00 sshd[21502]: Failed login for user10 from 192.168.2.5

22:11:40 sshd[21502]: Success login for user07 from 192.168.2.58

22:12:00 sshd[21502]: Failed login for user10 from 192.168.2.5

22:13:00 sshd[21502]: Failed login for user10 from 192.168.2.5

22:13:00 sshd[21502]: Success login for user03 from 192.168.2.27

22:13:00 sshd[21502]: Failed login for user10 from 192.168.2.5

Which of the following is the most likely reason for the application failures?

Options:

A.

The user’s account was set as a service account.

B.

The user's home directory was deleted.

C.

The user does not have sudo access.

D.

The root password has been changed.

Buy Now
Questions 48

The material finding from a recent compliance audit indicate a company has an issue with excessive permissions. The findings show that employees changing roles or departments results in privilege creep. Which of the following solutions are the best ways to mitigate this issue? (Select two).

Setting different access controls defined by business area

Options:

A.

Implementing a role-based access policy

B.

Designing a least-needed privilege policy

C.

Establishing a mandatory vacation policy

D.

Performing periodic access reviews

E.

Requiring periodic job rotation

Buy Now
Questions 49

A security configure isbuilding a solution to disable weak CBC configuration for remote access connections lo Linux systems. Which of the following should the security engineer modify?

Options:

A.

The /etc/openssl.conf file, updating the virtual site parameter

B.

The /etc/nsswith.conf file, updating the name server

C.

The /etc/hosts file, updating the IP parameter

D.

The /etc/etc/sshd, configure file updating the ciphers

Buy Now
Questions 50

An organization wants to manage specialized endpoints and needs a solution that provides the ability to

* Centrally manage configurations

* Push policies.

• Remotely wipe devices

• Maintain asset inventory

Which of the following should the organization do to best meet these requirements?

Options:

A.

Use a configuration management database

B.

Implement a mobile device management solution.

C.

Configure contextual policy management

D.

Deploy a software asset manager

Buy Now
Questions 51

A security architect is mitigating a vulnerability that previously led to a web application data breach. An analysis into the root cause of the issue finds the following:

An administrator’s account was hijacked and used on several Autonomous System Numbers within 30 minutes.

All administrators use named accounts that require multifactor authentication.

Single sign-on is used for all company applications.Which of the following should the security architect do to mitigate the issue?

Options:

A.

Configure token theft detection on the single sign-on system with automatic account lockouts.

B.

Enable context-based authentication when network locations change on administrator login attempts.

C.

Decentralize administrator accounts and force unique passwords for each application.

D.

Enforce biometric authentication requirements for the administrator’s named accounts.

Buy Now
Questions 52

A healthcare system recently suffered from a ransomware incident. As a result, the board of directors decided to hire a security consultant to improve existing network security. The security consultant found that the healthcare network was completely flat, had no privileged access limits, and had open RDP access to servers with personal health information. As the consultant builds the remediation plan, which of the following solutions would best solve these challenges? (Select three).

Options:

A.

SD-WAN

B.

PAM

C.

Remote access VPN

D.

MFA

E.

Network segmentation

F.

BGP

G.

NAC

Buy Now
Questions 53

As part of a security audit in the software development life cycle, a product manager must demonstrate and provide evidence of a complete representation of the code and modules used within the production-deployed application prior to the build. Which of the following best provides the required evidence?

Options:

A.

Software composition analysis

B.

Runtime application inspection

C.

Static application security testing

D.

Interactive application security testing

Buy Now
Questions 54

After remote desktop capabilities were deployed in the environment, various vulnerabilities were noticed.

• Exfiltration of intellectual property

• Unencrypted files

• Weak user passwords

Which of the following is the best way to mitigate these vulnerabilities? (Select two).

Options:

A.

Implementing data loss prevention

B.

Deploying file integrity monitoring

C.

Restricting access to critical file services only

D.

Deployingdirectory-based group policies

E.

Enabling modem authentication that supports MFA

F.

Implementing a version control system

G.

Implementing a CMDB platform

Buy Now
Questions 55

A security engineer is assisting a DevOps team that has the following requirements for container images:

Ensure container images are hashed and use version controls.

Ensure container images are up to date and scanned for vulnerabilities.

Which of the following should the security engineer do to meet these requirements?

Options:

A.

Enable clusters on the container image and configure the mesh with ACLs.

B.

Enable new security and quality checks within a CI/CD pipeline.

C.

Enable audits on the container image and monitor for configuration changes.

D.

Enable pulling of the container image from the vendor repository and deploy directly to operations.

Buy Now
Questions 56

A cloud engineer needs to identify appropriate solutions to:

• Provide secure access to internal and external cloud resources.

• Eliminate split-tunnel traffic flows.

•Enable identity and access management capabilities.

Which of the following solutions arc the most appropriate? (Select two).

Options:

A.

Federation

B.

Microsegmentation

C.

CASB

D.

PAM

E.

SD-WAN

F.

SASE

Buy Now
Questions 57

An organization recently implemented a policy that requires all passwords to be rotated every 90 days. An administrator observes a large volume of failed sign-on logs from multiple servers that are often accessed by users. The administrator determines users are disconnecting from the RDPsession but not logging off. Which of the following should the administrator do to prevent account lockouts?

Options:

A.

Increase the account lockout threshold.

B.

Enforce password complexity.

C.

Automate logout of inactive sessions.

D.

Extend the allowed session length.

Buy Now
Questions 58

A Chief Information Security Officer is concerned about the operational impact of ransomware. In the event of a ransomware attack, the business requires the integrity of the data to remain intact and an RPO of less than one hour. Which of the following storage strategies best satisfies the business requirements?

Options:

A.

Full disk encryption

B.

Remote journaling

C.

Immutable

D.

RAID 10

Buy Now
Questions 59

A security architect for a global organization with a distributed workforce recently received funding lo deploy a CASB solution Which of the following most likely explains the choice to use a proxy-based CASB?

Options:

A.

The capability to block unapproved applications and services is possible

B.

Privacy compliance obligations are bypassed when using a user-based deployment.

C.

Protecting and regularly rotating API secret keys requires a significant time commitment

D.

Corporate devices cannot receive certificates when not connected to on-premises devices

Buy Now
Questions 60

A security engineer is developing a solution to meet the following requirements?

• All endpoints should be able to establish telemetry with a SIEM.

• All endpoints should be able to be integrated into the XDR platform.

• SOC services should be able to monitor the XDR platform

Which of the following should the security engineer implement to meet the requirements?

Options:

A.

CDR and central logging

B.

HIDS and vTPM

C.

WAF and syslog

D.

HIPS and host-based firewall

Buy Now
Questions 61

A company wants to use loT devices to manage and monitor thermostats at all facilities The thermostats must receive vendor security updates and limit access to other devices within the organization Which of the following best addresses the company's requirements''

Options:

A.

Only allowing Internet access to a set of specific domains

B.

Operating lot devices on a separate network with no access to other devices internally

C.

Only allowing operation for loT devices during a specified time window

D.

Configuring IoT devices to always allow automatic updates

Buy Now
Questions 62

An organization recently implemented a new email DLP solution. Emails sent from company email addresses to matching personal email addresses generated a large number of alerts, but the content of the emails did not include company data. The security team needs to reduce the number of emails sent without blocking all emails to common personal email services. Which of the following should the security team implement first?

Options:

A.

Automatically quarantine outgoing email.

B.

Create an acceptable use policy.

C.

Enforce email encryption standards.

D.

Perform security awareness training focusing on phishing.

Buy Now
Questions 63

A security professional is investigating a trend in vulnerability findings for newly deployed cloud systems Given the following output:

CAS-005 Question 63

Which of the following actions would address the root cause of this issue?

Options:

A.

Automating the patching system to update base Images

B.

Recompiling the affected programs with the most current patches

C.

Disabling unused/unneeded ports on all servers

D.

Deploying a WAF with virtual patching upstream of the affected systems

Buy Now
Questions 64

A systems engineer is configuring SSO for a business that will be using SaaS applications for its remote-only workforce. Privileged actions in SaaS applications must be allowed only fromcorporate mobile devices that meet minimum security requirements, but BYOD must also be permitted for other activity. Which of the following would best meet this objective?

Options:

A.

Block any connections from outside the business's network security boundary.

B.

Install machine certificates on corporate devices and perform checks against the clients.

C.

Configure device attestations and continuous authorization controls.

D.

Deploy application protection policies using a corporate, cloud-based MDM solution.

Buy Now
Questions 65

During a gap assessment, an organization notes that OYOD usage is asignificant risk. The organization implemented administrative policies prohibiting BYOD usage However, the organization has not implemented technical controls to prevent the unauthorized use of BYOD assets when accessing the organization's resources. Which of the following solutions should the organization implement to b»« reduce the risk of OYOD devices? (Select two).

Options:

A.

Cloud 1AM to enforce the use of token based MFA

B.

Conditional access, to enforce user-to-device binding

C.

NAC, to enforce device configuration requirements

D.

PAM. to enforce local password policies

E.

SD-WAN. to enforce web content filtering through external proxies

F.

DLP, to enforce data protection capabilities

Buy Now
Exam Code: CAS-005
Exam Name: CompTIA SecurityX Certification Exam
Last Update: Jun 26, 2025
Questions: 219

PDF + Testing Engine

$57.75  $164.99

Testing Engine

$43.75  $124.99
buy now CAS-005 testing engine

PDF (Q&A)

$36.75  $104.99
buy now CAS-005 pdf
dumpsmate guaranteed to pass
24/7 Customer Support

DumpsMate's team of experts is always available to respond your queries on exam preparation. Get professional answers on any topic of the certification syllabus. Our experts will thoroughly satisfy you.

Site Secure

mcafee secure

TESTED 04 Jul 2025