CAS-005

Practice CAS-005 Exam

Is it difficult for you to decide whether to purchase the CompTIA CAS-005 exam dumps questions? CertQueen provides FREE online CompTIA SecurityX Certification Exam CAS-005 exam questions below, so you can test your CAS-005 skills first and then decide whether to buy the full version. We promise you get the following advantages after purchasing our CAS-005 exam dumps questions.
1. Free updates for ONE year from the date of your purchase.
2. Full refund of the payment fee if you fail the CAS-005 exam with the dumps.

 

 Full CAS-005 Exam Dump Here

Latest CAS-005 Exam Dumps Questions

The dumps for the CAS-005 exam were last updated on Jun 28, 2025.

Question#1

A company hosts a platform-as-a-service solution with a web-based front end, through which customers interact with data sets. A security administrator needs to deploy controls to prevent application-focused attacks.
Which of the following most directly supports the administrator's objective?

A. Improving security dashboard visualization on SIEM
B. Rotating API access and authorization keys every two months
C. Implementing application load balancing and cross-region availability
D. Creating WAF policies for relevant programming languages

Explanation:
The best way to prevent application-focused attacks for a platform-as-a-service solution with a web-based front end is to create Web Application Firewall (WAF) policies for relevant programming languages.
Here’s why:
Application-Focused Attack Prevention: WAFs are designed to protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. They help prevent attacks such as SQL injection, cross-site scripting (XSS), and other application-layer attacks.
Customizable Rules: WAF policies can be tailored to the specific programming languages and frameworks used by the web application, providing targeted protection based on known vulnerabilities and attack patterns.
Real-Time Protection: WAFs provide real-time protection, blocking malicious requests before they reach the application, thereby enhancing the security posture of the platform.
Reference: CompTIA Security+ SY0-601 Study Guide by Mike Chapple and David Seidl
OWASP Top Ten: Web Application Security Risks
NIST Special Publication 800-95: Guide to Secure Web Services

Question#2

A company reduced its staff 60 days ago, and applications are now starting to fail. The security analyst is investigating to determine if there is malicious intent for the application failures.
The security analyst reviews the following logs:
Mar 5 22:09:50 akj3 sshd[21502]: Success login for userOl from 192.168.2.5
Mar 5 22:10:00 akj3 sshd[21502]: Failed login for userID from 192.168.2.5
Which of the following is the most likely reason for the application failures?

A. The user’s account was set as a service account.
B. The user's home directory was deleted.
C. The user does not have sudo access.
D. The root password has been changed.

Explanation:
When an employee leaves a company, their home directory might be deleted along with their account, leading to application failures if the directory contained configuration files, dependencies, or system scripts.

Question#3

A security professional is investigating a trend in vulnerability findings for newly deployed cloud systems. Given the following output:



Which of the following actions would address the root cause of this issue?

A. Automating the patching system to update base images
B. Recompiling the affected programs with the most current patches
C. Disabling unused/unneeded ports on all servers
D. Deploying a WAF with virtual patching upstream of the affected systems

Explanation:
The output shows that multiple systems have outdated or vulnerable software versions (OpenSSL 1.01 and Java 11 runtime). This suggests that the systems are not being patched regularly or effectively.
A. Automating the patching system to update base images: Automating the patching process ensures that the latest security updates and patches are applied to all systems, including newly deployed ones. This addresses the root cause by ensuring that base images used for deployment are always up-to-date with the latest security patches.
B. Recompiling the affected programs with the most current patches: While this can fix the immediate vulnerabilities, it does not address the root cause of the problem, which is the lack of regular updates.
C. Disabling unused/unneeded ports on all servers: This improves security but does not address the specific issue of outdated software.
D. Deploying a WAF with virtual patching upstream of the affected systems: This can provide a temporary shield but does not resolve the underlying issue of outdated software.
Automating the patching system to update base images ensures that all deployed systems are using the latest, most secure versions of software, addressing the root cause of the vulnerability trend.
Reference: CompTIA Security+ Study Guide
NIST SP 800-40 Rev. 3, "Guide to Enterprise Patch Management Technologies"
CIS Controls, "Control 7: Continuous Vulnerability Management"

Question#4

A company that relies on an EOL system must keep it operating until a new solution is available.
Which of the following is the most secure way to meet this goal?

A. Isolating the system and enforcing firewall rules to allow access to only required endpoints
B. Enforcing strong credentials and improving monitoring capabilities
C. Restricting system access to perform necessary maintenance by the IT team
D. Placing the system in a screened subnet and blocking access from internal resources

Explanation:
The most secure way to keep a legacy (EOL) system operating until a new solution is available is to isolate the system and enforce strict firewall rules. This method minimizes the attack surface by restricting access to only the necessary endpoints, thereby reducing the risk of unauthorized access and potential security breaches. Isolating the system ensures that it is not exposed to the broader network, while firewall rules control the traffic that can reach the system, providing a secure environment until a replacement is implemented.
Reference: CompTIA SecurityX Study Guide: Recommends network isolation and firewall rules as effective measures for securing legacy systems.
NIST Special Publication 800-82, "Guide to Industrial Control Systems (ICS) Security": Advises on isolating critical systems and using firewalls to control access.
"Network Security Assessment" by Chris McNab: Discusses techniques for isolating systems and enforcing firewall rules to protect vulnerable or legacy systems.
By isolating the system and implementing strict firewall controls, the organization can maintain the necessary operations securely while working on deploying a new solution.

Question#5

SIMULATION
You are a security analyst tasked with interpreting an Nmap scan output from a company’s privileged network.
The company’s hardening guidelines indicate the following:
There should be one primary server or service per device.
Only default ports should be used.
Non-secure protocols should be disabled.

INSTRUCTIONS
Using the Nmap output, identify the devices on the network and their roles, and any open ports that should be closed.
For each device found by Nmap, add a device entry to the Devices Discovered list, with the following information:
The IP address of the device
The primary server or service of the device (Note that each IP should be associated with one service/port only)
The protocol(s) that should be disabled based on the hardening guidelines (Note that multiple ports may need to be closed to comply with the hardening guidelines)
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.






Exam Code: CAS-005         Q & A: 215 Q&As         Updated:  Jun 28,2025
