CAS-005 Exam Questions
524 real CAS-005 exam questions with expert-verified answers and explanations. Page 7 of 11.
- Question #305 - Security Operations
A security engineer is reviewing the following vulnerability scan report: Which of the following should the engineer prioritize for remediation?
- Question #306 - Security Operations
A malware researcher has discovered a credential stealer is looking at a specific memory register to harvest passwords that will be used later for lateral movement in corporate net...
- Question #307 - Governance, Risk, and Compliance
Company A acquired Company B. During an audit, a security engineer found Company B's environment was inadequately patched. In response, Company A placed a firewall between the two...
- Question #308 - Security Operations
An organization recently implemented a purchasing freeze that has impacted endpoint life-cycle management efforts. Which of the following should a security manager do to reduce ris...
- Question #309 - Security Operations
A local government that is investigating a data exfiltration claim was asked to review the fingerprint of the malicious user's actions. An investigator took a forensic image of the...
- Question #310 - Security Operations
While investigating a security event, an analyst finds evidence that a user opened an email attachment from an unknown source. Shortly after the user opened the attachment, a group...
- Question #311 - Security Operations
The device event logs sourced from MDM software are as follows: Which of the following security concerns and response actions would best address the risks posed by the device in th...
- Question #312 - Security Engineering
Which of the following best describes a common use case for homomorphic encryption?
- Question #313 - Security Engineering
A security architect is investigating instances of employees who had their phones stolen in public places through seemingly targeted attacks. Devices are able to access company res...
- Question #314 - Security Architecture
A company undergoing digital transformation is reviewing the resiliency of a CSP and is concerned about meeting SLA requirements in the event of a CSP incident. Which of the follow...
- Question #315 - Security Engineering
A security engineer wants to propose an MDM solution to mitigate certain risks. The MDM solution should meet the following requirements: - Mobile devices should be disabled if they...
- Question #316 - Governance, Risk, and Compliance
Which of the following security risks should be considered as an organization reduces cost and increases availability of services by adopting serverless computing?
- Question #317 - Governance, Risk, and Compliance
An attacker infiltrated the code base of a hardware manufacturer and inserted malware before the code was compiled. The malicious code is now running at the hardware level across a...
- Question #318 - Security Engineering
An enterprise is deploying APIs that utilize a private key and a public key to ensure the connection string is protected. To connect to the API, customers must use the private key....
- Question #319 - Security Operations
A recent security audit identified multiple endpoints have the following vulnerabilities: - Various unsecured open ports - Active accounts for terminated personnel - Endpoint prote...
- Question #320 - Security Operations
After a vendor identified a recent vulnerability, a severity score was assigned to the vulnerability. A notification was also publicly distributed. Which of the following would mos...
- Question #321 - Security Operations
A security analyst notices a number of SIEM events that show the following activity: Which of the following response actions should the analyst take first?
- Question #322 - Security Operations
A security engineer is reviewing event logs because an employee successfully connected a personal Windows laptop to the corporate network, which is against company policy. Company...
- Question #323 - Security Engineering
An organization is working to secure its development process to ensure developers cannot deploy artifacts directly into the production environment. Which of the following security...
- Question #324 - Security Engineering
A security architect discovers the following while reviewing code for a company's website: selection = "SELECT Item FROM Catalog WHERE ItemID = " & Request("ItemID") Which of the f...
- Question #325 - Security Engineering
A security architect needs to enable a container orchestrator for DevSecOps and SOAR initiatives. The engineer has discovered that several Ansible YAML files used for the automatio...
- Question #326 - Governance, Risk, and Compliance
A CRM company leverages a CSP PaaS service to host and publish its SaaS product. Recently, a large customer requested that all infrastructure components must meet strict regulatory...
- Question #327 - Governance, Risk, and Compliance
Company A is merging with Company B. Company A is a small, local company. Company B has a large, global presence. The two companies have a lot of duplication in their IT systems, p...
- Question #328 - Security Engineering
The results of an internal audit indicate several employees reused passwords that were previously included in a published list of compromised passwords. The company has the followi...
- Question #329 - Security Operations
A mobile administrator is reviewing the following mobile device DHCP logs to ensure the proper mobile settings are applied to managed devices: Which of the following mobile configu...
- Question #330 - Security Operations
A security analyst is investigating a possible insider threat incident that involves the use of an unauthorized USB from a shared account to exfiltrate data. The event did not crea...
- Question #331 - Security Engineering
Which of the following security features do email signatures provide?
- Question #332 - Security Engineering
A software development company wants to ensure that users can confirm the software is legitimate when installing it. Which of the following is the best way for the company to achie...
- Question #333 - Security Engineering
While performing mandatory monthly patch updates on a production application server, the security analyst reports an instance of buffer overflow for a new application that was migr...
- Question #334 - Security Operations
Several unlabeled documents in a cloud document repository contain cardholder information. Which of the following configuration changes should be made to the DLP system to correctl...
- Question #335 - Security Engineering
A systems administrator at a web-hosting provider has been tasked with renewing the public certificates of all customer sites. Which of the following would best support multiple do...
- Question #336 - Security Engineering
Which of the following best explain why organizations prefer to utilize code that is digitally signed? (Choose two.)
- Question #337 - Security Engineering
A security engineer receives reports through the organization's bug bounty program about remote code execution in a specific component in a custom application. Management wants to...
- Question #338 - Security Engineering
A security technician is investigating a system that tracks inventory via a batch update each night. The technician is concerned that the system poses a risk to the business, as er...
- Question #339 - Security Engineering
A programmer is reviewing the following proprietary piece of code that was identified as a vulnerability due to users being authenticated when they provide incorrect credentials: W...
- Question #340 - Security Engineering
A senior cybersecurity engineer is solving a digital certificate issue in which the CA denied certificate issuance due to failed subject identity validation. At which of the follow...
- Question #341 - Security Operations
An internal user can send encrypted emails successfully to all recipients, except one at an external organization. When the internal user attempts to send encrypted emails to this...
- Question #342 - Security Architecture
A security administrator is setting up a virtualization solution that needs to run services from a single host. Each service should be the only one running in its environment. Each...
- Question #343 - Security Architecture
A company has data it would like to aggregate from its PLCs for data visualization and predictive maintenance purposes. Which of the following is the most likely destination for th...
- Question #344 - Security Engineering
Which of the following is the best way to protect the website browsing history for an executive who travels to foreign countries where internet usage is closely monitored?
- Question #345 - Security Operations
A systems administrator is working with the SOC to identify potential intrusions associated with ransomware. The SOC wants the systems administrator to perform network-level analys...
- Question #346 - Security Operations
A retail organization wants to properly test and verify its capabilities to detect and/or prevent specific TTPs as mapped to the MITRE ATT&CK framework specific to APTs. Which of t...
- Question #347 - Security Operations
IoCs were missed during a recent security incident due to the reliance on a signature-based detection platform. A security engineer must recommend a solution that can be implemente...
- Question #348 - Security Engineering
A company that provides services to clients who work with highly sensitive data would like to provide assurance that the data's confidentiality is maintained in a dynamic, low-risk...
- Question #349 - Security Architecture
An organization wants to implement an access control system based on its data classification policy that includes the following data types: - Confidential - Restricted - Internal -...
- Question #350 - Security Operations
A security analyst was monitoring the networks of a group of companies. The analyst identified several periods of concentrated, coordinated activity by unknown actors. The activity...
- Question #351 - Security Operations
The company's client service team is receiving a large number of inquiries from clients regarding a new vulnerability. Which of the following would provide the customer service tea...
- Question #352 - Security Engineering
A company wants to use a process to embed a sign of ownership covertly inside a proprietary document without adding any identifying attributes. Which of the following would be best...
- Question #353 - Security Engineering
Which of the following utilizes policies that route packets to ensure only specific types of traffic are being sent to the correct destination based on application usage?
- Question #354 - Security Operations
An incident response team completed recovery from offline backup for several workstations. The workstations were subjected to a ransomware attack after users fell victim to a spear...