CompTIA SecurityX Certification - CAS-005 FREE EXAM DUMPS QUESTIONS & ANSWERS]

Question 1

A company updates itscloud-based services by saving infrastructure code in a remote repository. The code is automatically deployed into the development environment every time the code is saved lo the repository The developers express concern that the deployment often fails, citing minor code issues and occasional security control check failures in the development environment Which of the following should a security engineer recommend to reduce the deployment failures? (Select two).

A. Code submit authorization workflow B. Automated regression testing C. Pre-commit code linting D. Software composition analysis E. Repository branch protection F. Pipeline compliance scanning

Discussion 0

Correct Answer: B,C Vote an answer

Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).

Question 2

An organization wants to implement a platform to better identify which specific assets are affected by a given vulnerability. Which of the following components provides the best foundation to achieve this goal?

A. SLM B. SASE C. CMDB D. SBoM

Discussion 0

Correct Answer: C Vote an answer

Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).

Question 3

A security analyst is reviewing a SIEM and generates the following report:

Later, the incident response team notices an attack was executed on the VM001 host. Which of the following should the security analyst do to enhance the alerting process on the SIEM platform?

A. Perform a log correlation on the SIEM solution. B. Create a new rule set to detect malware. C. Include the EDR solution on the SIEM as a new log source. D. Improve parsing of data on the SIEM.

Discussion 0

Correct Answer: A Vote an answer

Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).

Question 4

Which of the following best explains the importance of determining organization risk appetite when operating with a constrained budget?

A. Organizational risk appetite varies from organization to organization B. Risk appetite directly impacts acceptance of high-impact low-likelihood events. C. Budgetary pressure drives risk mitigation planning in all companies D. Risk appetite directly influences which breaches are disclosed publicly

Discussion 0

Correct Answer: B Vote an answer

Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).

Question 5

A game developer wants to reach new markets and is advised by legal counsel to include specific age-related sign-up requirements. Which of the following best describes the legal counsel ' s concerns?

A. GDPR B. PCI DSS C. COPPA D. LGPD

Discussion 0

Correct Answer: C Vote an answer

Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).

Question 6

During a recent security event, access from the non-production environment to the production environment enabled unauthorized users to install unapproved software and make unplanned configuration changes.
During an investigation, the following findings are identified:
* Several new users were added in bulk by the IAM team.
* Additional firewalls and routers were recently added to the network.
* Vulnerability assessments have been disabled for all devices for more than 30 days.
* The application allow list has not been modified in more than two weeks.
* Logs were unavailable for various types of traffic.
* Endpoints have not been patched in more than ten days.
Which of the following actions would most likely need to be taken to ensure proper monitoring is in place within the organization? (Select two)

A. Review the application allow list on a daily basis to make sure it is properly configured. B. Configure rules on all firewalls to only allow traffic from the production environment to the non- production environment. C. Extend log retention for all security and network devices for 180 days for all traffic. D. Ensure all network and security devices are sending relevant data to the SIEM. E. Disable bulk user creations by the IAM team. F. Routinely update all endpoints and network devices as soon as new patches/hot fixes are available.

Discussion 0

Correct Answer: C,D Vote an answer

Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).

Question 7

A security administrator is reviewing the following code snippet from a website component:

A review of the inc.tmp file shows the following:

Which of the following is most likely the reason for inaccuracies?

A. The WAF is configured to be in transparent mode. B. A content management solution plug-in has been exploited. C. The relevant stylesheet has become corrupted. D. A search engine ' s bots are being blocked at the firewall.

Discussion 0

Correct Answer: B Vote an answer

Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).

Question 8

An engineer wants to automate several tasks by running commands daily on a UNIX server. The engineer has only built-in, default tools available. Which of the following should the engineer use to best assist with this effort? (Select Two).

A. Ansible B. Cron C. Python D. Task Scheduler E. PowerShell F. Bash

Discussion 0

Correct Answer: B,F Vote an answer

Question 9

During a security assessment using an CDR solution, a security engineer generates the following report about the assets in me system:

After five days, the EDR console reports an infection on the host 0WIN23 by a remote access Trojan Which of the following is the most probable cause of the infection?

A. The EDR has an unknown vulnerability that was exploited by the attacker. B. 0W1N29 spreads the malware through other hosts in the network C. OW1N23 uses a legacy version of Windows that is not supported by the EDR D. LN002 was not supported by the EDR solution and propagates the RAT

Discussion 0

Correct Answer: C Vote an answer

Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).

Question 10

Users are willing passwords on paper because of the number of passwords needed in an environment. Which of the following solutions is the best way to manage this situation and decrease risks?

A. implementing an SSO solution and integrating with applications B. Implementing an MFA solution to avoid reliance only on passwords C. Requiring users to use an open-source password manager D. Increasing password complexity to require 31 least 16 characters

Discussion 0

Correct Answer: A Vote an answer

Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).

Question 11

A company that relies on an COL system must keep it operating until a new solution is available Which of the following is the most secure way to meet this goal?

A. Isolating the system and enforcing firewall rules to allow access to only required endpoints B. Restricting system access to perform necessary maintenance by the IT team C. Placing the system in a screened subnet and blocking access from internal resources D. Enforcing strong credentials and improving monitoring capabilities

Discussion 0

Correct Answer: A Vote an answer

Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).

Question 12

Attempts to run the code in a sandbox produce no results. Which of the following should the malware analyst do next to further analyze the malware and discover useful IoCs?

A. Run the encoded sample through an online vulnerability tool and check for any matches. B. Pad the beginning and end of the sample with binary executables and attempt to execute it. C. Convert the hex-encoded sample to binary and attempt to decompile it. D. Use a disassembler on the unencoded snippet to convert from binary to ASCII text.

Discussion 0

Correct Answer: C Vote an answer

Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).

Question 13

A software vendor provides routine functionality and security updates to its global customer base. The vendor would like to ensure distributed updates are authorized, originate from only the company, and have not been modified by others. Which of the following solutions best supports these objectives?

A. File integrity monitoring B. Envelope encryption C. Application control D. Code signing

Discussion 0

Correct Answer: D Vote an answer

Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).

Question 14

A security officer performs due diligence activities before implementing a third-party solution into the enterprise environment. The security officer needs evidence from the third party that a data subject access request handling process is in place. Which of the following is the security officer most likely seeking to maintain compliance?

A. E-discovery requirements B. Reporting frameworks C. Information security standards D. Certification requirements E. Privacy regulations

Discussion 0

Correct Answer: E Vote an answer

Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).

Question 15

A technician is reviewing the logs and notices a large number of files were transferred to remote sites over the course of three months. This activity then stopped. The files were transferred via TLS-protected HTTP sessions from systems that do not normally send traffic to those sites. The technician will define this threat as:

A. A zero-day attack. B. An advanced persistent threat. C. An on-path attack. D. A decrypting RSA using an obsolete and weakened encryption attack.

Discussion 0

Correct Answer: B Vote an answer

Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).