CAS-005 Exam Questions

A network engineer must ensure that always-on VPN access is enabled Curt restricted to company assets. Which of the following best describes what the engineer needs to do?

A company that uses containers to run its applications is required to identify vulnerabilities on every container image in a private repository. The security team needs to be able...

A security engineer performed a code scan that resulted in many false positives. The security engineer must find a solution that improves the quality of scanning results before app...

A security engineer needs 10 secure the OT environment based on me following requirements: - Isolate the OT network segment - Restrict Internet access. - Apply security updates two...

A news organization wants to implement workflows that allow users to request that untruthful data be retraced and scrubbed from online publications to comply with the right to be f...

An organization wants to implement a platform to better identify which specific assets are affected by a given vulnerability. Which of the following components provides the best fo...

A cloud engineer needs to identify appropriate solutions to: - Provide secure access to internal and external cloud resources. - Eliminate split-tunnel traffic flows. - Enable iden...

During a gap assessment, an organization notes that BYOD usage is a significant risk. The organization implemented administrative policies prohibiting BYOD usage. However, the orga...

Audit findings indicate several user endpoints are not utilizing full disk encryption. During me remediation process, a compliance analyst reviews the testing details for the endpo...

A global manufacturing company has an internal application that is critical to making products. This application cannot be updated and must be available in the production area. A s...

A software company deployed a new application based on its internal code repository. Several customers are reporting anti-malware alerts on workstations used to test the applicatio...

A senior security engineer flags the following log file snippet as having likely facilitated an attacker's lateral movement in a recent breach: Which of the following solutions, if...

A security operations engineer needs to prevent inadvertent data disclosure when encrypted SSDs are reused within an enterprise. Which of the following is the most secure way to ac...

A security engineer is given the following requirements: - An endpoint must only execute Internally signed applications - Administrator accounts cannot install unauthorized softwar...

A security analyst is troubleshooting the reason a specific user is having difficulty accessing company resources. The analyst reviews the following information: Which of the follo...

A security analyst received a report that an internal web page is down after a company-wide update to the web browser. Given the following error message: Your connection is not pri...

A security analyst reviews the following report: Which of the following assessments is the analyst performing?

A company's help desk is experiencing a large number of calls from the finance department security logs: Which of the following is most likely the cause of the issue?

A company wants to implement hardware security key authentication for accessing sensitive information systems. The goal is to prevent unauthorized users from gaining access with a...

A security analyst is reviewing suspicious log-in activity and sees the following data in the SIEM: Which of the following is the most appropriate action for the analyst to take?

Which of the following is the security engineer most likely doing?

A security administrator needs to automate alerting. The server generates structured log files that need to be parsed to determine whether an alarm has been triggered. Given the fo...

An organization is implementing Zero Trust architecture. A systems administrator must increase the effectiveness of the organization's context-aware access system. Which of the fol...

A company detects suspicious activity associated with external connections. Security detection tools are unable to categorize this activity. Which of the following is the best solu...

A security analyst is reviewing the following authentication logs: Which of the following should the analyst do first?

Which of the following AI concerns is most adequately addressed by input sanitization?

A systems administrator wants to introduce a newly released feature for an internal application. The administrate docs not want to test the feature in the production environment. W...

A cybersecurity architect is reviewing the detection and monitoring capabilities for a global company that recently made multiple acquisitions. The architect discovers that the acq...

After an incident occurred, a team reported during the lessons-learned review that the team. - Lost important Information for further analysis. - Did not utilize the chain of commu...

After remote desktop capabilities were deployed in the environment, various vulnerabilities were noticed. - Exfiltration of intellectual property - Unencrypted files - Weak user pa...

A systems engineer is configuring a system baseline for servers that will provide email services. As part of the architecture design, the engineer needs to improve performance of t...

A company hired an email service provider called my-email.com to deliver company emails. The company started having several issues during the migration. A security engineer is trou...

Within a SCADA a business needs access to the historian server in order together metric about the functionality of the environment. Which of the following actions should be taken t...

All organization is concerned about insider threats from employees who have individual access to encrypted material. Which of the following techniques best addresses this issue?

A vulnerability can on a web server identified the following: Which of the following actions would most likely eliminate on path decryption attacks? (Select two).

The identity and access management team is sending logs to the SIEM for continuous monitoring. The deployed log collector is forwarding logs to the SIEM. However, only false positi...

An incident response team is analyzing malware and observes the following: - Does not execute in a sandbox - No network loCs - No publicly known hash match - No process injection m...

Which of the following best explains the importance of determining organization risk appetite when operating with a constrained budget?

Recent repents indicate that a software tool is being exploited. Attackers were able to bypass user access controls and load a database. A security analyst needs to find the vulner...

A company wants to implement a three-tier approach to separate the web, database, and application servers. A security administrator must harden the environment. Which of the follow...

A security architect wants to develop a baseline of security configurations. These configurations automatically will be utilized machine is created. Which of the following technolo...

A company updates its cloud-based services by saving infrastructure code in a remote repository. The code is automatically deployed into the development environment every time the...

A financial technology firm works collaboratively with business partners in the industry to share threat intelligence within a central platform. This collaboration gives partner or...

A Chief Information Security Officer (CISO) is concerned that a company's current data disposal procedures could result in data remanence. The company uses only SSDs. Which of the...

During a forensic review of a cybersecurity incident, a security engineer collected a portion of the payload used by an attacker on a comprised web server. Given the following port...

A security architect for a global organization with a distributed workforce recently received funding lo deploy a CASB solution. Which of the following most likely explains the cho...

A company's security policy states that any publicly available server must be patched within 12 hours after a patch is released. A recent IIS zero-day vulnerability was discovered...

A security review revealed that not all of the client proxy traffic is being captured. Which of the following architectural changes best enables the capture of traffic for analysis...

A company is having issues with its vulnerability management program New devices/lPs are added and dropped regularly, making the vulnerability report inconsistent. Which of the fol...

Developers have been creating and managing cryptographic material on their personal laptops fix use in production environment. A security engineer needs to initiate a more secure p...