CAS-005 Exam Questions
524 real CAS-005 exam questions with expert-verified answers and explanations. Page 1 of 11.
- Question #1 (Security Engineering)
A company hosts a platform-as-a-service solution with a web-based front end, through which customers interact with data sets. A security administrator needs to deploy controls to p...
- Question #2 (Security Operations)
A security analyst is reviewing the following log: Which of the following possible events should the security analyst investigate further?
- Question #3 (Security Engineering)
A systems administrator wants to use existing resources to automate reporting from disparate security appliances that do not currently communicate. Which of the following is the be...
- Question #4 (Security Engineering)
A developer needs to improve the cryptographic strength of a password-storage component in a web application without completely replacing the crypto-module. Which of the following...
- Question #5 (Security Architecture)
A company receives several complaints from customers regarding its website. An engineer implements a parser for the web server logs that generates the following output: Which of th...
- Question #6 (Security Engineering)
A security officer received several complaints from users about excessive MFA push notifications at night. The security team investigates and suspects malicious activities regardin...
- Question #7 (Security Engineering)
A security professional is investigating a trend in vulnerability findings for newly deployed cloud systems. Given the following output: Which of the following actions would addres...
- Question #8 (Security Architecture)
Which of the following best describes the challenges associated with widespread adoption of homomorphic encryption techniques?
- Question #9 (Security Engineering)
After some employees are caught uploading data to online personal storage accounts, a company becomes concerned about data leaks related to sensitive, internal documentation. Which...
- Question #10 (Governance, Risk, and Compliance)
An organization wants to create a threat model to identify vulnerabilities in its infrastructure. Which of the following should be prioritized first?
- Question #11 (Security Architecture)
A central bank implements strict risk mitigations for the hardware supply chain, including an allow list for specific countries of origin. Which of the following best describes the...
- Question #12 (Security Engineering)
A company's security team is notified about vulnerabilities in the company's application. The security team determined these vulnerabilities were previously disclosed in third-part...
- Question #13 (Security Operations)
While reviewing recent incident reports, a security officer discovers that several employees were contacted by the same individual who impersonated a recruiter. Which of the followi...
- Question #14 (Security Operations)
During a security assessment using an EDR solution, a security engineer generates the following report about the assets in the system: After five days, the EDR console reports a bl...
- Question #15 (Security Engineering)
Emails that the marketing department is sending to customers are going to the customers' spam folders. The security team is investigating the issue and discovers that the certifica...
- Question #16 (Security Operations)
Users are experiencing a variety of issues when trying to access corporate resources. Examples include: - Connectivity issues between local computers and file servers within branch...
- Question #17 (Security Engineering)
A software engineer is creating a CI/CD pipeline to support the development of a web application. The DevSecOps team is required to identify syntax errors. Which of the following i...
- Question #18 (Security Operations)
An organization is looking for gaps in its detection capabilities based on the APTs that may target the industry. Which of the following should the security analyst use to perform...
- Question #19 (Security Engineering)
A security analyst detected unusual network traffic related to program updating processes. The analyst collected artifacts from compromised user workstations. The discovered artifa...
- Question #20 (Security Architecture)
A company isolates its OT systems from other areas of the corporate network. These systems are required to report usage information over the internet to the vendor. Which of the fo...
- Question #21 (Security Engineering)
A security engineer wants to reduce the attack surface of a public-facing containerized application. Which of the following will best reduce the application's privilege escalation...
- Question #22 (Governance, Risk, and Compliance)
A compliance officer is reviewing the data sovereignty laws in several countries where the organization has no presence. Which of the following is the most likely reason for review...
- Question #23 (Security Operations)
A security analyst wants to use lessons learned from a prior incident response to reduce dwell time in the future. The analyst is using the following data points: Which of the foll...
- Question #24 (Security Operations)
A security analyst received a notification from a cloud service provider regarding an attack detected on a web server. The cloud service provider shared the following information a...
- Question #25 (Security Operations)
A company's SIEM is continuously reporting false positives and false negatives. The security operations team has implemented configuration changes to troubleshoot possible reportin...
- Question #26 (Security Operations)
A security analyst needs to ensure email domains that send phishing attempts without previous communications are not delivered to mailboxes. The following email headers are being r...
- Question #27 (Security Engineering)
A company recently experienced an incident in which an advanced threat actor was able to shim malicious code against the hardware stack of a domain controller. The forensic team cr...
- Question #28 (Governance, Risk, and Compliance)
A company receives reports about misconfigurations and vulnerabilities in a third-party hardware device that is part of its released products. Which of the following solutions is t...
- Question #29 (Governance, Risk, and Compliance)
Which of the following best explains the business requirement a healthcare provider fulfills by encrypting patient data at rest?
- Question #30 (Security Operations)
A user submits a help desk ticket stating their account does not authenticate sometimes. An analyst reviews the following logs for the user: Which of the following best explains the...
- Question #31 (Security Operations)
A systems administrator works with engineers to process and address vulnerabilities as a result of continuous scanning activities. The primary challenge faced by the administrator...
- Question #32 (Security Engineering)
A company that relies on an EOL system must keep it operating until a new solution is available. Which of the following is the most secure way to meet this goal?
- Question #33 (Security Architecture)
A healthcare system recently suffered from a ransomware incident. As a result, the board of directors decided to hire a security consultant to improve existing network security. Th...
- Question #34 (Security Engineering)
An organization wants to manage specialized endpoints and needs a solution that provides the ability to: - Centrally manage configurations - Push policies. - Remotely wipe devices...
- Question #35 (Security Architecture)
A company plans to implement a research facility with intellectual property data that should be protected. The following is the security diagram proposed by the security architect:...
- Question #36 (Governance, Risk, and Compliance)
A financial services organization is using AI to fully automate the process of deciding client loan rates. Which of the following should the organization be most concerned about fr...
- Question #37 (Security Architecture)
A company wants to use IoT devices to manage and monitor thermostats at all facilities. The thermostats must receive vendor security updates and limit access to other devices withi...
- Question #38 (Governance, Risk, and Compliance)
An engineering team determines the cost to mitigate certain risks is higher than the asset values. The team must ensure the risks are prioritized appropriately. Which of the follow...
- Question #39 (Security Architecture)
Company A acquired Company B and needs to determine how the acquisition will impact the attack surface of the organization as a whole. Which of the following is the best way to ach...
- Question #40 (Security Engineering)
A security administrator is performing a gap assessment against a specific OS benchmark. The benchmark requires the following configurations be applied to endpoints: - Full disk en...
- Question #41 (Security Operations)
After an incident response exercise, a security administrator reviews the following table: Which of the following should the administrator do to best support rapid incident respons...
- Question #42 (Security Engineering)
Company A and Company D are merging. Company A's compliance reports indicate branch protections are not in place. A security analyst needs to ensure that potential threats to the so...
- Question #43 (Security Operations)
A security analyst discovered requests associated with IP addresses known for both legitimate and bot-related traffic. Which of the following should the analyst use to determine wh...
- Question #44 (Governance, Risk, and Compliance)
An organization is required to: - Respond to internal and external inquiries in a timely manner - Provide transparency. - Comply with regulatory requirements The organization has n...
- Question #45 (Security Engineering)
A security analyst reviews the following event timeline from an EDR solution: Which of the following has most likely occurred and needs to be fixed?
- Question #46 (Security Engineering)
A security engineer is developing a solution to meet the following requirements: - All endpoints should be able to establish telemetry with a SIEM. - All endpoints should be able t...
- Question #47 (Governance, Risk, and Compliance)
A systems administrator wants to reduce the number of failed patch deployments in an organization. The administrator discovers that system owners modify systems or applications in...
- Question #48 (Security Operations)
An audit finding reveals that a legacy platform has not retained logs for more than 30 days. The platform has been segmented due to its interoperability with newer technology. As a...
- Question #49 (Security Architecture)
A company wants to invest in research capabilities with the goal to operationalize the research output. Which of the following is the best option for a security architect to recomm...
- Question #50 (Security Architecture)
Which of the following is the main reason quantum computing advancements are leading companies and countries to deploy new encryption algorithms?