Free Certification Practice Questions

COMPTIA-SECURITYX

CompTIA's CAS-005 An organization wants to implement a platform to better identify which specific assets are affected by a given vulnerability. Which of the following components provides the best foundation to achieve this goal?
#91
CompTIA's CAS-005 Which of the following best explains why AI output could be inaccurate?
#92
CompTIA's CAS-005 A company runs a DAST scan on a web application. The tool outputs the following recommendations:
• Use Cookie prefixes.
• Content Security Policy - SameSite=strict is not set.
Which of the following vulnerabilities has the tool identified?
#93
CompTIA's CAS-005 Which of the following best describes the reason a network architect would enable forward secrecy on all VPN tunnels?
#94
CompTIA's CAS-005 Which of the following best explains the importance of determining organizational risk appetite when operating with a constrained budget?
#95
CompTIA's CAS-005 A company hired an email service provider called my-email.com to deliver company emails. The company started having several issues during the migration. A security engineer is troubleshooting and observes the following configuration snippet: Which of the following should the security engineer modify to fix the issue? (Choose two.)
E. The TXT record must be changed to "v=dkim ip4:192.168.1.11 include:my-email.com ~all"
F. The TXT record must be changed to "v=spf ip4:192.168.1.10 include:my-email.com ~all"
G. The srv01 A record must be changed to a type CNAME record pointing to the web01 server
#96
CompTIA's CAS-005 After a company discovered a zero-day vulnerability in its VPN solution, the company plans to deploy cloud-hosted resources to replace its current on-premises systems. An engineer must find an appropriate solution to facilitate trusted connectivity. Which of the following capabilities is the most relevant?
#97
CompTIA's CAS-005 Recent reports indicate that a software tool is being exploited. Attackers were able to bypass user access controls and load a database. A security analyst needs to find the vulnerability and recommend a mitigation. The analyst generates the following output: Which of the following would the analyst most likely recommend?
#98
CompTIA's CAS-005 The identity and access management team is sending logs to the SIEM for continuous monitoring. The deployed log collector is forwarding logs to the SIEM. However, only false positive alerts are being generated. Which of the following is the most likely reason for the inaccurate alerts?
#99
CompTIA's CAS-005 The security team is receiving escalated support tickets stating that one of the company's publicly available websites is not loading as expected. Given the following observations: Which of the following is most likely the root cause?
#100
CompTIA's CAS-005 A company acquires a location with a large infrastructure of legacy devices. Because of the hardware's age and the legacy software's limitations, the OS cannot be upgraded, and the machines cannot be virtualized. These machines are not publicly facing, but they do have internet access. The following controls are currently in place:
• EDR
• Anti-malware
• Logging and monitoring
• Host-based firewall
• Proxied internet access
A security architect needs to supplement the existing control strategy with one that restricts unauthorized software. Which of the following controls should the architect recommend to best supplement the existing environment?
#101
CompTIA's CAS-005 An organization wants to create a threat model to identify vulnerabilities in its infrastructure. Which of the following should be prioritized first?
#102
CompTIA's CAS-005 A Chief Information Security Officer requests an action plan to remediate vulnerabilities. A security analyst reviews the output from a recent vulnerability scan and notices hundreds of unique vulnerabilities. The output includes the CVSS score, IP address, hostname, and the list of vulnerabilities. The analyst determines more information is needed in order to decide which vulnerabilities should be fixed immediately. Which of the following is the best source for this information?
#103
CompTIA's CAS-005 A security operations analyst is reviewing network traffic baselines for nightly database backups. Given the following information: Which of the following should the security analyst do next?
#104
CompTIA's CAS-005 A company has a requirement in customer contracts that states applications must undergo external audits to identify vulnerabilities. Which of the following is the best action for the company to complete before hiring an external auditor?
#105
CompTIA's CAS-005 During DAST scanning, applications are consistently reporting code defects in open-source libraries that were used to build web applications. Most of the code defects are from using libraries with known vulnerabilities. The code defects are causing product deployment delays. Which of the following is the best way to uncover these issues earlier in the life cycle?
#106
CompTIA's CAS-005 A company's SIEM is designed to associate the company’s asset inventory with user events. Given the following report: Which of the following should a security engineer investigate first as part of a log audit?
#107
CompTIA's CAS-005 A developer receives feedback about code quality and efficiency. The developer needs to identify and resolve the following coding issues before submitting the code changes for peer review:
• Indexing beyond arrays
• Dereferencing null pointers
• Potentially dangerous data type combos
• Unreachable code
• Non-portable constructs
Which of the following would be most appropriate for the developer to use in this situation?
E. Software composition analysis
#108
CompTIA's CAS-005 A company wants to improve and automate the compliance of its cloud environments to meet industry standards. Which of the following resources should the company use to best achieve this goal?
#109
CompTIA's CAS-005 A company wants to protect against the most common attacks and rapidly integrate with different programming languages. Which of the following technologies is most likely to meet this need?
#110
CompTIA's CAS-005 A manufacturing plant is updating its IT services. During discussions, the senior management team created the following list of considerations:
• Staff turnover is high and seasonal.
• Extreme conditions often damage endpoints.
• Losses from downtime must be minimized.
• Regulatory data retention requirements exist.
Which of the following best addresses the considerations?
#111
CompTIA's CAS-005 A software vendor provides routine functionality and security updates to its global customer base. The vendor would like to ensure distributed updates are authorized, originate from only the company, and have not been modified by others. Which of the following solutions best supports these objectives?
#112
CompTIA's CAS-005 A security analyst detects a possible RAT infection on a computer in the internal network. After reviewing the details of the alert, the analyst identifies the initial vector of the attack was an email that was forwarded to multiple recipients in the same organizational unit. Which of the following should the analyst do first to minimize this type of threat in the future?
#113
CompTIA's CAS-005 A cloud engineer needs to identify appropriate solutions to:
• Provide secure access to internal and external cloud resources.
• Eliminate split-tunnel traffic flows.
• Enable identity and access management capabilities.
Which of the following solutions is the most appropriate?
#114
CompTIA's CAS-005 A security engineer is building a solution to disable weak CBC configurations for remote access connections to Linux systems. Which of the following should the security engineer modify?
#115
CompTIA's CAS-005 A security engineer is reviewing the results of an annual penetration test. The report lists one of the results as "critical severity" on several domain-joined workstations:
SSL/TLS Weak Protocols Supported TLS 1.0, TLS 1.1
Which of the following should the security engineer implement to remediate this finding in the most centralized manner?
#116
CompTIA's CAS-005 An analyst reviews a SIEM and generates the following report: Only HOST002 is authorized for internet traffic. Which of the following statements is accurate?
#117
CompTIA's CAS-005 A company wants to implement a three-tier approach to separate the web, database, and application servers. A security administrator must harden the environment. Which of the following is the best solution?
#118
CompTIA's CAS-005 A systems administrator wants to use existing resources to automate reporting from disparate security appliances that do not currently communicate. Which of the following is the best way to meet this objective?
#119
CompTIA's CAS-005 A vulnerability scan on a web server identified the following: Which of the following actions would most likely eliminate on-path decryption attacks? (Choose two.)
E. Restricting cipher suites to only allow TLS_RSA_WITH_AES_128_CBC_SHA
F. Increasing the key length to 256 for TLS_RSA_WITH_AES_128_CBC_SHA
#120