Free Certification Practice Questions

COMPTIA-SECURITYX

CompTIA's CAS-005 A company’s help desk is experiencing a large number of calls from the finance department stating access issues to www.bank.com. The security operations center reviewed the following security logs: Which of the following is most likely the cause of the issue?
#121
CompTIA's CAS-005 A financial services organization is using AI to fully automate the process of deciding client loan rates. Which of the following should the organization be most concerned about from a regulatory perspective?
#122
CompTIA's CAS-005 A security analyst is reviewing the following log: Which of the following possible events should the security analyst investigate further?
#123
CompTIA's CAS-005 A security operations engineer needs to prevent inadvertent data disclosure when encrypted SSDs are reused within an enterprise. Which of the following is the most secure way to achieve this goal?
#124
CompTIA's CAS-005 A security professional is investigating a trend in vulnerability findings for newly deployed cloud systems. Given the following output: Which of the following actions would address the root cause of this issue?
#125
CompTIA's CAS-005 A company established a new process for business analysts to receive emails that contain links for purchase requests. The new process requires links to be submitted through new emails. Which of the following is the best way to secure this process without disrupting order fulfillment?
#126
CompTIA's CAS-005 An organization receives OSINT reports about an increase in ransomware targeting fileshares at peer companies. The organization wants to deploy hardening policies to its servers and workstations in order to contain potential ransomware. Which of the following should an engineer do to best achieve this goal?
#127
CompTIA's CAS-005 A malicious actor exploited firmware vulnerabilities and used rootkits in an attack on an organization. After the organization recovered from the incident, an engineer needs to recommend a solution that reduces the likelihood of the same type of attack in the future. Which of the following is the most relevant solution?
#128
CompTIA's CAS-005 Which of the following enables the meaningful manipulation of encrypted data when the processor does not know the encryption key?
#129
CompTIA's CAS-005 Emails that the marketing department is sending to customers are going to the customers’ spam folders. The security team is investigating the issue and discovers that the certificates used by the email server were reissued, but DNS records had not been updated. Which of the following should the security team update in order to fix this issue? (Choose three.) E. SASE F. SAN G. SOA H. MX
#130
CompTIA's CAS-005 A security engineer performed a code scan that resulted in many false positives. The security engineer must find a solution that improves the quality of scanning results before application deployment. Which of the following is the best solution?
#131
CompTIA's CAS-005 A global company with a remote workforce implemented a new VPN solution. After deploying the VPN solution to several hundred users, the help desk starts receiving reports of slow access to both internally and externally available applications. A security analyst reviews the following:
VPN client routing: 0.0.0.0/0 eth1
Which of the following solutions should the analyst use to fix this issue?
#132
CompTIA's CAS-005 A security analyst is reviewing suspicious log-in activity and sees the following data in the SIEM: Which of the following is the most appropriate action for the analyst to take?
#133
CompTIA's CAS-005 An organization determined its preparedness for a ransomware attack is inadequate. A security administrator is working on ways to improve and monitor the organization's response to ransomware attacks. Which of the following is the best action for the administrator to take?
#134
CompTIA's CAS-005 A security engineer receives an alert from the SIEM platform indicating a possible malicious action on the internal network. The engineer generates a report that outputs the logs associated with the incident: Which of the following actions best enables the engineer to investigate further?
#135
CompTIA's CAS-005 A security engineer must integrate device attestation into user authentication and authorization workflows for mobile devices. Which of the following best meets the requirements?
#136
CompTIA's CAS-005 An organization is developing an AI-enabled digital worker to help employees complete common tasks, such as template development, editing, research, and scheduling. As part of the AI workload, the organization wants to implement guardrails within the platform. Which of the following should the company do to secure the AI environment?
#137
CompTIA's CAS-005 A security analyst discovered requests associated with IP addresses known for both legitimate and bot-related traffic. Which of the following should the analyst use to determine whether the requests are malicious?
#138
CompTIA's CAS-005 A security analyst received a report that an internal web page is down after a company-wide update to the web browser. Given the following error message:
Your connection is not private.
Attackers might be trying to steal your information for www.internalwebsite.company.com.
NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM
Which of the following is the best way to fix this issue?
#139
CompTIA's CAS-005 A company receives reports about misconfigurations and vulnerabilities in a third-party hardware device that is part of its released products. Which of the following solutions is the best way for the company to identify possible issues at an earlier stage?
#140
CompTIA's CAS-005 While performing threat-hunting functions, an analyst is using the Diamond Model of Intrusion Analysis. The analyst identifies the likely adversary, the infrastructure involved, and the target. Which of the following must the threat hunter document to use the model effectively?
#141
CompTIA's CAS-005 A nation-state actor is exposed for attacking large corporations by establishing persistence in smaller companies that are likely to be acquired by these large corporations. The actor then provisions user accounts in the companies for use post-acquisition. Before an upcoming acquisition, a security officer conducts threat modeling with this attack vector. Which of the following practices is the best way to investigate this threat?
#142
CompTIA's CAS-005 After an incident response exercise, a security administrator reviews the following table: Which of the following should the administrator do to best support rapid incident response in the future?
#143
CompTIA's CAS-005 An organization is required to:
• Respond to internal and external inquiries in a timely manner.
• Provide transparency.
• Comply with regulatory requirements.
The organization has not experienced any reportable breaches but wants to be prepared if a breach occurs in the future. Which of the following is the best way for the organization to prepare?
#144
CompTIA's CAS-005 Which of the following best explains the business requirement a healthcare provider fulfills by encrypting patient data at rest?
#145
CompTIA's CAS-005 A security engineer is implementing security measures on new hardware in preparation for its launch. During the development phase, a risk related to protections at the UEFI level was found. Which of the following should the engineer recommend to reduce this risk?
#146
CompTIA's CAS-005 A hotel chain wants to use point-of-sale systems to allow customers to check in and out of their rooms without employee assistance. These systems should limit access to a specific set of programs approved to run, with all other programs blocked. Which of the following should the company configure to best support this goal?
#147
CompTIA's CAS-005 A user reports application access issues to the help desk. The help desk reviews the logs for the user: Which of the following is most likely the reason for the issue?
#148
CompTIA's CAS-005 A global organization wants to manage all endpoint and user telemetry. The organization also needs to differentiate this data based on which office it is correlated to. Which of the following strategies best aligns with this goal?
#149
CompTIA's CAS-005 A security architect must make sure that the fewest services possible are exposed in order to limit an adversary's ability to access the systems. Which of the following should the architect do first?
#150