CompTIA CAS-005 Practice Exams
Last updated on Apr 07, 2025
- Exam Code: CAS-005
- Exam Name: CompTIA SecurityX Certification Exam
- Certification Provider: CompTIA
- Latest update: Apr 07, 2025
A systems administrator wants to introduce a newly released feature for an internal application. The administrator does not want to test the feature in the production environment.
Which of the following locations is the best place to test the new feature?
- A . Staging environment
- B . Testing environment
- C . CI/CD pipeline
- D . Development environment
Users are experiencing a variety of issues when trying to access corporate resources. Examples include:
• Connectivity issues between local computers and file servers within branch offices
• Inability to download corporate applications on mobile endpoints while working remotely
• Certificate errors when accessing internal web applications
Which of the following actions are the most relevant when troubleshooting the reported issues? (Select two).
- A . Review VPN throughput
- B . Check IPS rules
- C . Restore static content on the CDN
- D . Enable secure authentication using NAC
- E . Implement advanced WAF rules.
- F . Validate MDM asset compliance
A vulnerability scan on a web server identified the following:
Which of the following actions would most likely eliminate on-path decryption attacks? (Select two).
- A . Disallowing cipher suites that use ephemeral modes of operation for key agreement
- B . Removing support for CBC-based key exchange and signing algorithms
- C . Adding TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA256
- D . Implementing HIPS rules to identify and block BEAST attack attempts
- E . Restricting cipher suites to only allow TLS_RSA_WITH_AES_128_CBC_SHA
- F . Increasing the key length to 256 for TLS_RSA_WITH_AES_128_CBC_SHA
During a forensic review of a cybersecurity incident, a security engineer collected a portion of the payload used by an attacker on a compromised web server.
Given the following portion of the code:
Which of the following best describes this incident?
- A . XSRF attack
- B . Command injection
- C . Stored XSS
- D . SQL injection
Which of the following AI concerns is most adequately addressed by input sanitation?
- A . Model inversion
- B . Prompt Injection
- C . Data poisoning
- D . Non-explainable model
A security analyst is reviewing the following authentication logs:
Which of the following should the analyst do first?
- A . Disable User2’s account
- B . Disable User12’s account
- C . Disable User8’s account
- D . Disable User1’s account
After an incident occurred, a team reported during the lessons-learned review that the team:
* Lost important information for further analysis
* Did not utilize the chain of communication
* Did not follow the right steps for a proper response
Which of the following solutions is the best way to address these findings?
- A . Requesting budget for better forensic tools to improve technical capabilities for incident response operations
- B . Building playbooks for different scenarios and performing regular table-top exercises
- C . Requiring professional incident response certifications for each new team member
- D . Publishing the incident response policy and enforcing it as part of the security awareness program
An organization is looking for gaps in its detection capabilities based on the APTs that may target the industry.
Which of the following should the security analyst use to perform threat modeling?
- A . ATT&CK
- B . OWASP
- C . CAPEC
- D . STRIDE
While reviewing recent modem reports, a security officer discovers that several employees were contacted by the same individual who impersonated a recruiter.
Which of the following best describes this type of correlation?
- A . Spear-phishing campaign
- B . Threat modeling
- C . Red team assessment
- D . Attack pattern analysis
Developers have been creating and managing cryptographic material on their personal laptops for use in a production environment. A security engineer needs to initiate a more secure process.
Which of the following is the best strategy for the engineer to use?
- A . Disabling the BIOS and moving to UEFI
- B . Managing secrets on the vTPM hardware
- C . Employing shielding to prevent EMI
- D . Managing key material on a HSM