CompTIA CAS-005 CompTIA SecurityX Certification Exam Online Training
The questions for CAS-005 were last updated on Feb 21, 2025.
- Exam Code: CAS-005
- Exam Name: CompTIA SecurityX Certification Exam
- Certification Provider: CompTIA
- Latest update: Feb 21, 2025
A natural disaster may disrupt operations at Site A, which would then cause unreliable internet connectivity at Site B due to route flapping.
INSTRUCTIONS
Match each relevant finding to the affected host by clicking on the host name and selecting the appropriate number.
For findings 1 and 2, select the items that should be replicated to Site B. For finding 3, select the item requiring configuration changes, then select the appropriate corrective action from the drop-down menu.
See the complete solution below in Explanation:
A company isolated its OT systems from other areas of the corporate network. These systems are required to report usage information over the internet to the vendor.
Which of the following best reduces the risk of compromise or sabotage? (Select two).
- A . Implementing allow lists
- B . Monitoring network behavior
- C . Encrypting data at rest
- D . Performing boot integrity checks
- E . Executing daily health checks
- F . Implementing a site-to-site IPSec VPN
A compliance officer is reviewing the data sovereignty laws in several countries where the organization has no presence.
Which of the following is the most likely reason for reviewing these laws?
- A . The organization is performing due diligence of potential tax issues.
- B . The organization has been subject to legal proceedings in countries where it has a presence.
- C . The organization is concerned with new regulatory enforcement in other countries.
- D . The organization has suffered brand reputation damage from incorrect media coverage.
A financial technology firm works collaboratively with business partners in the industry to share threat intelligence within a central platform. This collaboration gives partner organizations the ability to obtain and share data associated with emerging threats from a variety of adversaries.
Which of the following should the organization most likely leverage to facilitate this activity? (Select two).
- A . CWPP
- B . YARA
- C . ATT&CK
- D . STIX
- E . TAXII
- F . JTAG
A security analyst received a notification from a cloud service provider regarding an attack detected on a web server.
The cloud service provider shared the following information about the attack:
• The attack came from inside the network.
• The attacking source IP was from the internal vulnerability scanners.
• The scanner is not configured to target the cloud servers.
Which of the following actions should the security analyst take first?
- A . Create an allow list for the vulnerability scanner IPs in order to avoid false positives
- B . Configure the scan policy to avoid targeting an out-of-scope host
- C . Set network behavior analysis rules
- D . Quarantine the scanner sensor to perform a forensic analysis
While reviewing recent modem reports, a security officer discovers that several employees were contacted by the same individual who impersonated a recruiter.
Which of the following best describes this type of correlation?
- A . Spear-phishing campaign
- B . Threat modeling
- C . Red team assessment
- D . Attack pattern analysis
A security architect is establishing requirements to design resilience in an enterprise system that will be extended to other physical locations.
The system must:
• Be survivable to one environmental catastrophe
• Be recoverable within 24 hours of critical loss of availability
• Be resilient to active exploitation of one site-to-site VPN solution
- A . Load-balance connection attempts and data ingress at internet gateways
- B . Allocate fully redundant and geographically distributed standby sites.
- C . Employ layering of routers from diverse vendors
- D . Lease space to establish cold sites throughout other countries
- E . Use orchestration to procure, provision, and transfer application workloads to cloud services
- F . Implement full weekly backups to be stored off-site for each of the company’s sites
During a security assessment using an EDR solution, a security engineer generates the following report about the assets in the system:
After five days, the EDR console reports an infection on the host 0WIN23 by a remote access Trojan.
Which of the following is the most probable cause of the infection?
- A . OW1N23 uses a legacy version of Windows that is not supported by the EDR
- B . LN002 was not supported by the EDR solution and propagates the RAT
- C . The EDR has an unknown vulnerability that was exploited by the attacker.
- D . 0W1N29 spreads the malware through other hosts in the network
An organization wants to implement a platform to better identify which specific assets are affected by a given vulnerability.
Which of the following components provides the best foundation to achieve this goal?
- A . SASE
- B . CMDB
- C . SBoM
- D . SLM
During a gap assessment, an organization notes that BYOD usage is a significant risk. The organization implemented administrative policies prohibiting BYOD usage. However, the organization has not implemented technical controls to prevent the unauthorized use of BYOD assets when accessing the organization’s resources.
Which of the following solutions should the organization implement to best reduce the risk of BYOD devices? (Select two).
- A . Cloud IAM to enforce the use of token-based MFA
- B . Conditional access, to enforce user-to-device binding
- C . NAC, to enforce device configuration requirements
- D . PAM, to enforce local password policies
- E . SD-WAN, to enforce web content filtering through external proxies
- F . DLP, to enforce data protection capabilities