CAS-005 Exam Questions

A security engineer is assessing a legacy server and needs to determine if FTP is running and on which port. The service cannot be turned off, as it would impact a critical applica...

A security administrator wants to detect a potential forged sender claim in the envelope of an email. Which of the following should the security administrator implement? (Choose tw...

A company recently migrated its critical web application to a cloud provider's environment. As part of the company's risk management program, the company intends to conduct an exte...

The management team at a company with a large, aging server environment is conducting a server risk assessment in order to create a replacement strategy. The replacement strategy w...

A company created an external application for its customers. A security researcher now reports that the application has a serious LDAP injection vulnerability that could be leverag...

Due to reports of malware targeting companies in the same industry, an organization wants to develop a comprehensive list of IoCs to determine if its systems might be affected in a...

A firewall administrator needs to ensure all traffic across the company network is inspected. The administrator gathers data and finds the following information regarding the typic...

Which of the following is a security concern for DNP3?

A security administrator needs to develop a remediation plan to address a large number of vulnerability scan results. Which of the following should the administrator use to determi...

An organization's senior security architect would like to develop cyberdefensive strategies based on standardized adversary techniques, tactics, and procedures commonly observed. W...

A company is looking for a solution to hide data stored in databases. The solution must meet the following requirements: - Be efficient at protecting the production environment - N...

A software developer is working on a piece of code required by a new software package. The code should use a protocol to verify the validity of a remote identity. Which of the foll...

Which of the following is record-level encryption commonly used to do?

A system of globally distributed certificate servers connected to HSMs provide certificate security services for a publicly available PKI. These services include OCSP, certificate...

An administrator brings the company's fleet of mobile devices into its PKI in order to align device WLAN NAC configurations with existing workstations and laptops. Thousands of dev...

The ISAC for the retail industry recently released a report regarding social engineering tactics in which small groups create distractions for employees while other malicious indiv...

In a recent audit, several critical legacy systems, which are externally exposed so that a specific vendor can manage them remotely, were identified. These systems must remain avai...

An incident response analyst finds the following content inside of a log file that was collected from a compromised server: %б%90/90/./..<XML?......nty.......2308%6%678...whoami......

A company plans to deploy a new online application that provides video training for its customers. As part of the design, the application must be: - Fast for all users - Available...

During a security review for the CI/CD process, a security engineer discovers the following information in a testing repository from the company: Which of the following options is...

A company must meet the following security requirements when implementing controls in order to be compliant with government policy: - Access to the system document repository must...

Based on the results of a SAST report on a legacy application, a security engineer is reviewing the following snippet of code flagged as vulnerable: Which of the following is the v...

A company detects suspicious activity associated with inbound connections. Security detection tools are unable to categorize this activity. Which of the following is the best solut...

After discovering that an employee is using a personal laptop to access highly confidential data, a systems administrator must secure the company's data. Which of the following cap...

An organization is increasing its focus on training that addresses new social engineering and phishing attacks. Which of the following is the organization most concerned about?

A security engineer discovers that some legacy systems are still in use or were not properly decommissioned. After further investigation, the engineer identifies that an unknown an...

A systems administrator is working with clients to verify email-based services are performing properly. The administrator wants to have the email server digitally sign outbound ema...

A company is migrating from a Windows Server to Linux-based servers. A security engineer must deploy a configuration management solution that maintains security software across all...

A security engineer is developing a solution to meet the following requirements: - All endpoints should be able to establish telemetry with a SIEM. - All endpoints should be able t...

A security engineer needs to create multiple servers in a company's private cloud. The servers should have a virtual network infrastructure that supports connectivity, as well as s...

A company is planning to migrate all of its on-site-hosted applications to a public cloud provider. Which of the following is the best way to reduce the scope of security-relevant...

A security architect must implement security controls in a software development life cycle for an internally developed application. The architect must identify the components that...

A security analyst collects the logs from the web server that is associated with a security incident. The analyst finds the following entry in the logs: SELECT user FROM Customers...

A security analyst discovers a compromised internal server and finds that the attack vector was an application. When extracting a memory dump with the application process content,...

A company implements an AI model that handles sensitive and personally identifiable information. Which of the following threats is most likely the company's primary concern?

An engineer is designing a wireless access solution that must comply with the IEEE-specified security requirements for the 802.1X protocol. The engineer wants to streamline access...

An organization must provide access to its internal system data. The organization requires that this access complies with the following: - Access must be automated. - Data confiden...

Following a security incident, a company decides to improve its device management. The company establishes the following requirements for the new process: - EOL devices must be pro...

A security engineer needs to remediate a SWEET32 vulnerability in an OpenSSH-based application and review existing configurations. Which of the following should the security engine...

A DevOps engineer sets up a CI/CD pipeline to deploy application container images in the Kubernetes production environment. The security engineer wants to prevent the deployment of...

In order to follow new regulations, the Chief Information Security Officer plans to use a defense- in-depth approach for a perimeter network. Which of the following protections wou...

Protected company data was recently exfiltrated. The SOC did not find any indication of a network or outside physical intrusion, and the DLP systems reported no unusual activity. T...

A security team is evaluating the following vulnerabilities in response to a third-party risk assessment: Given the following organizational policy requirements: - Any adjusted CVS...

During an incident response activity, the response team collected some artifacts from a compromised server, but the following information is missing: - Source of the malicious file...

A security architect performs a baseline review on the SIEM. The findings indicate that multiple use cases are missing and coverage is limited for defense evasion techniques. Which...

A vulnerability scan was performed on a website, and the following encryption suites were found: Which of the following actions will remediate the vulnerability?

A company needs to quickly assess whether software deployed across the company's global corporate network contains specific software libraries. Which of the following best enables...

During a recent security event, access from the non-production environment to the production environment enabled unauthorized users to install unapproved software and make unplanne...

A security architect is performing threat-modeling activities related to an acquired overseas software company that will be integrated with existing products and systems. Once its...

An organization purchased a new manufacturing facility and the security administrator needs to: - Implement security monitoring. - Protect any non-traditional device(s)/network(s)....