CAS-005 Exam Questions
524 real CAS-005 exam questions with expert-verified answers and explanations. Page 6 of 11.
- Question #255: Security Architecture
A company that uses several cloud applications wants to properly identify: - All the devices potentially affected by a given vulnerability. - All the internal servers utilizing the...
- Question #256: Security Architecture
Employees use their badges to track the number of hours they work. The badge readers cannot be upgraded due to facility constraints. The software for the badge readers uses a legac...
- Question #257: Security Operations
A company's internal network is experiencing a security breach, and the threat actor is still active. Due to business requirements, users in this environment are allowed to utilize...
- Question #258: Security Engineering
A security engineer must resolve a vulnerability in a deprecated version of Python for a custom-developed flight simulation application that is monitored and controlled remotely....
- Question #259: Security Operations
A building camera is remotely accessed and disabled from the remote console application during off-hours. A security analyst reviews the following logs: Which of the following acti...
- Question #260: Security Operations
A user reports application access issues to the help desk. The help desk reviews the logs for the user: Which of the following is most likely the reason for the issue?
- Question #261: Security Engineering
A systems engineer is configuring SSO for a business that will be using SaaS applications for its remote-only workforce. Privileged actions in SaaS applications must be allowed onl...
- Question #262: Security Engineering
A company wants to modify its process to comply with privacy requirements after an incident involving PII data in a development environment. In order to perform functionality tests...
- Question #263: Security Architecture
A security architect must make sure that the fewest services possible are exposed in order to limit an adversary's ability to access the systems. Which of the following...
- Question #264: Security Engineering
A company must build and deploy security standards for all servers in its on-premises and cloud environments based on hardening guidelines. Which of the following solutions most li...
- Question #265: Security Operations
A threat hunter is identifying potentially malicious activity associated with an APT. When the threat hunter runs queries against the SIEM platform with a date range of 60 to 90 da...
- Question #266: Governance, Risk, and Compliance
An organization recently implemented a new email DLP solution. Emails sent from company email addresses to matching personal email addresses generated a large number of alerts, but...
- Question #267: Security Architecture
An organization that performs real-time financial processing is implementing a new backup solution. Given the following business requirements: - The backup solution must reduce the...
- Question #268: Security Engineering
A company migrating to a remote work model requires that company-owned devices connect to a VPN before logging in to the device itself. The VPN gateway requires that a specific key...
- Question #269: Security Operations
An organization has noticed an increase in phishing campaigns utilizing typosquatting. A security analyst needs to enrich the data for commonly used domains against the domains use...
- Question #270: Security Operations
An analyst reviews a SIEM and generates the following report: Only HOST002 is authorized for internet traffic. Which of the following statements is accurate?
- Question #271: Governance, Risk, and Compliance
An organization determines existing business continuity practices are inadequate to support critical internal process dependencies during a contingency event. A compliance analyst...
- Question #272: Governance, Risk, and Compliance
A company recently experienced a ransomware attack. Although the company performs systems and data backup on a schedule that aligns with its RPO (Recovery Point Objective) requirem...
- Question #273: Governance, Risk, and Compliance
A compliance officer is facilitating a business impact analysis and wants business unit leaders to collect meaningful data. Several business unit leaders want more information abou...
- Question #274: Security Operations
A company's SIEM is designed to associate the company's asset inventory with user events. Given the following report: Which of the following should a security engineer investigate...
- Question #275: Security Operations
During a recent security event, access from the non-production environment to the production environment enabled unauthorized users to: - Install unapproved software - Make unplann...
- Question #276: Security Architecture
An organization hires a security consultant to establish a SOC that includes a threat-modeling function. During initial activities, the consultant works with system engineers to id...
- Question #277: Security Engineering
An external SaaS solution user reports a bug associated with the role-based access control module. This bug allows users to bypass system logic associated with client segmentation...
- Question #278: Security Architecture
Which of the following best describes the reason a network architect would enable forward secrecy on all VPN tunnels?
- Question #279: Governance, Risk, and Compliance
During a periodic internal audit, a company identifies a few new, critical security controls that are missing. The company has a mature risk management program in place, and the fo...
- Question #280: Security Architecture
A security engineer must ensure that sensitive corporate information is not exposed if a company laptop is stolen. Which of the following actions best addresses this requirement?
- Question #281: Security Engineering
A company was recently infected by malware. During the root cause analysis, the company determined that several users were installing their own applications. To prevent further com...
- Question #282: Governance, Risk, and Compliance
An organization is developing a disaster recovery plan that requires data to be backed up and available at a moment's notice. Which of the following should the organization conside...
- Question #283: Security Operations
A technician is reviewing the logs and notices a large number of files were transferred to remote sites over the course of three months. This activity then stopped. The files were...
- Question #284: Security Architecture
Due to locality and budget constraints, an organization's satellite office has a lower bandwidth allocation than other offices. As a result, the local security infrastructure staff...
- Question #285: Security Engineering
Which of the following supports the process of collecting a large pool of behavioral observations to inform decision-making?
- Question #286: Governance, Risk, and Compliance
A security analyst is using data provided from a recent penetration test to calculate CVSS scores to prioritize remediation. Which of the following metric groups would the analyst...
- Question #287: Security Operations
An analyst has prepared several possible solutions to a successful attack on the company. The solutions need to be implemented with the least amount of downtime. Which of the follo...
- Question #288: Security Engineering
An organization is researching the automation capabilities for systems within an OT network. A security analyst wants to assist with creating secure coding practices and would like...
- Question #289: Security Engineering
A security engineer is implementing a code signing requirement for all code developed by the organization. Currently, the PKI only generates website certificates. Which of the foll...
- Question #290: Governance, Risk, and Compliance
Which of the following are risks associated with vendor lock-in? (Choose two.)
- Question #291: Security Architecture
An auditor is reviewing the logs from a web application to determine the source of an incident. The web application architecture includes an internet-accessible application load ba...
- Question #292: Governance, Risk, and Compliance
An organization is prioritizing efforts to remediate or mitigate risks identified during the latest assessment. For one of the risks, a full remediation was not possible, but the o...
- Question #293: Security Operations
A security analyst is reviewing the following vulnerability assessment report: 192.168.1.5, Host = Server1, CVSS 7.5, Web Server, Remotely Executable = Yes, Exploit = Yes 205.1.3.5...
- Question #294: Security Engineering
PKI can be used to support security requirements in the change management process. Which of the following capabilities does PKI provide for messages?
- Question #295: Security Operations
A user from the sales department opened a suspicious file attachment. The sales department then contacted the SOC to investigate a number of unresponsive systems, and the team succ...
- Question #296: Security Engineering
A security analyst is performing a review of a web application. During testing as a standard user, the following error log appears: Error Message in Database Connection Connection...
- Question #297: Security Engineering
A company wants to improve and automate the compliance of its cloud environments to meet industry standards. Which of the following resources should the company use to best achieve...
- Question #298: Security Operations
A malware analyst must examine the following partial file sample recovered from a Linux workstation: Attempts to run the code in a sandbox produce no results. Which of the followin...
- Question #299: Security Operations
An organization currently has IDS, firewall, and DLP systems in place. The systems administrator needs to integrate the tools in the environment to reduce response time. Which of t...
- Question #300: Security Operations
A global organization wants to manage all endpoint and user telemetry. The organization also needs to differentiate this data based on which office it is correlated to. Which of th...
- Question #301: Security Operations
A global company's Chief Financial Officer (CFO) receives a phone call from someone claiming to be the Chief Executive Officer (CEO). The caller claims to be stranded and in desper...
- Question #302: Security Engineering
Which of the following best describes the reason PQC preparation is important?
- Question #303: Security Engineering
A security team determines that the most significant risks within the pipeline are: - Unauthorized code changes - The current inability to perform independent verification of softw...
- Question #304: Security Architecture
A pharmaceutical lab hired a consultant to identify potential risks associated with Building 2, a new facility that is under construction. The consultant received the IT project pl...