CAS-005 Exam Questions

Two companies that recently merged would like to unify application access between the companies, without initially merging internal authentication stores. Which of the following te...

An analyst needs to evaluate all images and documents that are publicly shared on a website. Which of the following would be the best tool to evaluate the metadata of these files?

An organization has deployed a cloud-based application that provides virtual event services globally to clients. During a typical event, thousands of users access various entry pag...

An organization's board of directors has asked the Chief Information Security Officer to build a third-party management program. Which of the following best explains a reason for t...

A company is rewriting a vulnerable application and adding the mprotect() system call in multiple parts of the application's code that was being leveraged by a recent exploitation...

Which of the following items should be included when crafting a disaster recovery plan?

A web application server is running a legacy operating system with an unpatched RCE vulnerability. The server cannot be upgraded until the corresponding application code is changed...

Which of the following is the reason why security engineers often cannot upgrade the security of embedded facility automation systems?

A security analyst identified a vulnerable and deprecated runtime engine that Is supporting a public-facing banking application. The developers anticipate the transition to modern...

A security architect wants to ensure a remote host's identity and decides that pinning the X.509 certificate to the device is the most effective solution. Which of the following mu...

A company hired a third-party consultant to run a cybersecurity incident simulation in order to identify security gaps and prepare stakeholders for a potential incident. Which of t...

A security officer is requiring all personnel working on a special project to obtain a security clearance requisite with the level of all information being accessed. Data on this n...

A security team receives alerts regarding impossible travel and possible brute-force attacks after normal business hours. After reviewing more logs, the team determines that specif...

A company recently acquired a SaaS company and performed a gap analysis. The results of the gap analysis Indicate security controls are absent throughout the SDLC and have led to s...

Which of the following is the best reason for obtaining file hashes from a confiscated laptop?

Which of the following describes how a risk assessment is performed when an organization has a critical vendor that provides multiple products?

A security engineer is performing a vulnerability management scan on multihomed Linux systems. The engineer notices that the vulnerability count is high due to the fact that each v...

Which of the following best describes a risk associated with using facial recognition to locally authenticate to a mobile device?

The principal security analyst for a global manufacturer is investigating a security incident related to abnormal behavior in the ICS network. A controller was restarted as part of...

A web service provider has just taken on a very large contract that comes with requirements that are currently not being implemented. In order to meet contractual requirements, the...

An analyst is working to address a potential compromise of a corporate endpoint and discovers the attacker accessed a user's credentials. However, it is unclear if the system basel...

A company is decommissioning old servers and hard drives that contain sensitive data. Which of the following best protects against data leakage?

An engineer has had scaling issues with a web application hosted on premises and would like to move to a serverless architecture. Which of the following cloud benefits would be bes...

An organization needs to classify its systems and data in accordance with external requirements. Which of the following roles is best qualified to perform this task?

A company is developing an application that will be used to perform e-commerce transactions for a subscription-based service. The application must be able to use previously saved p...

A security technician is trying to connect a remote site to the central office over a site-to-site VPN. The technician has verified the source and destination IP addresses are corr...

A security analyst received the following finding from a cloud security assessment tool: Virtual Machine Data Disk is encrypted with the default encryption key. Because the organiz...

A security analyst discovers a new device on the company's dedicated IoT subnet during the most recent vulnerability scan. The scan results show numerous open ports and insecure pr...

The Chief Information Security Officer of a large multinational organization has asked the security risk manager to use risk scenarios during a risk analysis. Which of the followin...

A security engineer would like to control configurations on mobile devices while fulfilling the following requirements: - Support and control Apple and Android devices. - The devic...

A pharmaceutical company uses a cloud provider to host thousands of independent resources in object storage. The company needs a practical and effective means of discovering data,...

Recently, two large engineering companies in the same line of business decided to approach cyberthreats in a united way. Which of the following best describes this unified approach...

A security architect recommends replacing the company's monolithic software application with a containerized solution. Historically, secrets have been stored in the application's c...

A security engineer is assessing a new tool to segment data and communications between domains. The assessment must determine how data transmission controls can be bypassed without...

During an adversarial simulation exercise, an external team was able to gain access to sensitive information and systems without the organization detecting this activity. Which of...

A help desk technician is troubleshooting an issue with an employee's laptop that will not boot into its operating system. The employee reported the laptop had been stolen but then...

SIMULATION You are about to enter the virtual environment. DO NOT perform the following actions within the virtual environment. Making any of these changes will cause the virtual e...

SIMULATION An incident occurred at Site A when an attacker successfully caused water pressure to increase in the pump room. The organization is concerned about reoccurrence of this...

A network engineer recorded the following test results: After a new network security appliance was deployed, the results of the network test are as follows: Which of the following...

A security engineer reviews an after-action report from a previous security breach and notes a long lag time between detection and containment of a compromised account. The enginee...

A Chief Information Security Officer requests an action plan to remediate vulnerabilities. A security analyst reviews the output from a recent vulnerability scan and notices hundre...

A developer receives feedback about code quality and efficiency. The developer needs to identify and resolve the following coding issues before submitting the code changes for peer...

Which of the following enables the meaningful manipulation of encrypted data when the processor does not know the encryption key?

A global company with a remote workforce implemented a new VPN solution. After deploying the VPN solution to several hundred users, the help desk starts receiving reports of slow a...

A security engineer is implementing security measures on new hardware in preparation for its launch. During the development phase, a risk related to protections at the UEFI level w...

A development team must create a website to share indicators of compromise. The team wants to use APIs between industry peers to aid in configuring SIEM and SOAR. The team needs to...

A hotel chain wants to use point-of-sale systems to allow customers to check in and out of their rooms without employee assistance. These systems should limit access to a specific...

An administrator needs to craft a single certificate-signing request for a web-server certificate. The server should be able to use the following identities to mutually authenticat...

A hospital provides tablets to its medical staff to enable them to more quickly access and edit patients' charts. The hospital wants to ensure that if a tablet is identified as los...

An ISAC supplied recent threat intelligence information about pictures used on social media that provide reconnaissance of systems in use in secure facilities. In response, the Chi...