Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. CompTIA
  3. CAS-005

CompTIA CAS-005 Exam (page: 2)
CompTIA SecurityX
Updated on: 31-Mar-2026

Viewing Page 2 of 45
CAS-005 PDF 408 Questions

A security analyst is investigating a possible insider threat incident that involves the use of an unauthorized USB from a shared account to exfiltrate data. The event did not create an alert. The analyst has confirmed the USB hardware ID is not on the device allow list, but has not yet confirmed the owner of the USB device.
Which of the following actions should the analyst take next?

  1. Classify the incident as a false positive.
  2. Classify the incident as a false negative.
  3. Classify the incident as a true positive.
  4. Classify the incident as a true negative.

Answer(s): B

Explanation:

A false negative occurs when a threat or security event happens but fails to trigger an alert, leading to undetected malicious activity. In this case, the security analyst has confirmed that an unauthorized USB device was used, which violates policy. However, since the event did not generate an alert despite being an unauthorized action, it indicates a failure in the detection system to identify the threat.



Which of the following security features do email signatures provide?

  1. Non-repudiation
  2. Body encryption
  3. Code signing
  4. Sender authentication
  5. Chain of custody

Answer(s): A

Explanation:

Email signatures, often implemented using digital signatures, provide non-repudiation by verifying the identity of the sender and ensuring that the email has not been tampered with during transit. Non-repudiation means the sender cannot deny having sent the email because the digital signature is uniquely tied to the sender's private key.



A software development company wants to ensure that users can confirm the software is legitimate when installing it.
Which of the following is the best way for the company to achieve this security objective?

  1. Code signing
  2. Non-repudiation
  3. Key escrow
  4. Private keys

Answer(s): A

Explanation:

Code signing is the process of digitally signing software or executables using a cryptographic certificate. This ensures that users can verify the authenticity of the software and confirm it has not been altered or tampered with since it was signed. It provides assurance that the software is legitimate and originates from the claimed source, addressing the company's security objective.



While performing mandatory monthly patch updates on a production application server, the security analyst reports an instance of buffer overflow for a new application that was migrated to the cloud and is also publicly exposed. Security policy requires that only internal users have access to the application.
Which of the following should the analyst implement to mitigate the issues reported? (Choose two.)

  1. Configure firewall rules to block all external traffic.
  2. Enable input validation for all fields.
  3. Enable automatic updates to be installed on all servers.
  4. Configure the security group to enable external traffic.
  5. Set up a DLP policy to alert for exfiltration on all application servers.
  6. Enable nightly vulnerability scans.

Answer(s): A,B

Explanation:

Configure firewall rules to block all external traffic: Since the security policy requires that only internal users have access to the application, configuring firewall rules to block all external traffic ensures that the application is not exposed to unauthorized users on the internet. This mitigates unauthorized access risks.
Enable input validation for all fields: Buffer overflows often exploit improper or lack of input validation.
Enabling strict input validation ensures that only properly formatted data is accepted, preventing malicious input designed to exploit vulnerabilities in the application.



PKI can be used to support security requirements in the change management process.
Which of the following capabilities does PKI provide for messages?

  1. Non-repudiation
  2. Confidentiality
  3. Delivery receipts
  4. Attestation

Answer(s): A

Explanation:

PKI (Public Key Infrastructure) uses digital signatures to provide non-repudiation, which ensures that the sender of a message cannot deny having sent it. In the context of the change management process, PKI ensures that actions or approvals are traceable to the responsible individual, which is critical for maintaining accountability and the integrity of the process.



Several unlabeled documents in a cloud document repository contain cardholder information.
Which of the following configuration changes should be made to the DLP system to correctly label these documents in the future?

  1. Digital rights management
  2. Network traffic decryption
  3. Regular expressions
  4. Watermarking

Answer(s): C

Explanation:

Data Loss Prevention (DLP) systems can use regular expressions to identify and classify sensitive information, such as cardholder data, based on patterns (e.g., patterns for credit card numbers). By configuring the DLP system with appropriate regular expressions, the system can correctly identify and label documents containing such information in the future, ensuring compliance and enhancing security.



A systems administrator at a web-hosting provider has been tasked with renewing the public certificates of all customer sites.
Which of the following would best support multiple domain names while minimizing the amount of certificates needed?

  1. OCSP
  2. CRL
  3. SAN
  4. CA

Answer(s): C

Explanation:

SAN (Subject Alternative Name) is an extension to SSL/TLS certificates that allows a single certificate to secure multiple domain names. This method is ideal for situations where you want to secure several domains or subdomains with one certificate, reducing the complexity and number of certificates needed. SAN certificates are commonly used to support multiple domain names under a single SSL certificate, making them the best choice for the given scenario.



Which of the following best explain why organizations prefer to utilize code that is digitally signed? (Choose two.)

  1. It provides origin assurance.
  2. It verifies integrity.
  3. It provides increased confidentiality.
  4. It integrates with DRMs.
  5. It verifies the recipient's identity.
  6. It ensures the code is free of malware.

Answer(s): A,B

Explanation:

It provides origin assurance: Digital signatures ensure that the code comes from a verified and trusted source. By signing the code, the organization guarantees the origin of the software, assuring the recipient that it has been delivered by a legitimate party.
It verifies integrity: A digital signature also ensures that the code has not been altered or tampered with since it was signed. Any changes to the code after it has been signed would invalidate the signature, confirming that the integrity of the code has been preserved.



Viewing Page 2 of 45



Share your comments for CompTIA CAS-005 exam with other users:

khaos 9/21/2025 7:07:26 AM

nice questions
Anonymous


Katiso Lehasa 9/15/2025 11:21:52 PM

Thanks for the practice questions they helped me a lot.
Anonymous


Einstein 9/2/2025 7:42:00 PM

Passed this exam today. All questions are valid and this is not something you can find in ChatGPT.
UNITED KINGDOM


vito 8/22/2025 4:16:51 AM

i need to pass exam for VMware 2V0-11.25
Anonymous


Matt 7/31/2025 11:44:40 PM

Great questions.
UNITED STATES


OLERATO 7/1/2025 5:44:14 AM

great dumps to practice for the exam
SOUTH AFRICA


Adekunle willaims 6/9/2025 7:37:29 AM

How reliable and relevant are these questions?? also i can see the last update here was January and definitely new questions would have emerged.
Anonymous


Alex 5/24/2025 12:54:15 AM

Can I trust to this source?
Anonymous


SPriyak 3/17/2025 11:08:37 AM

can you please provide the CBDA latest test preparation
UNITED STATES


Chandra 11/28/2024 7:17:38 AM

This is the best and only way of passing this exam as it is extremely hard. Good questions and valid dump.
INDIA


Sunak 1/25/2025 9:17:57 AM

Can I use this dumps when I am taking the exam? I mean does somebody look what tabs or windows I have opened ?
BULGARIA


Frank 2/15/2024 11:36:57 AM

Finally got a change to write this exam and pass it! Valid and accurate!
CANADA


Anonymous User 2/2/2024 6:42:12 PM

Upload this exam please!
Anonymous


Nicholas 2/2/2024 6:17:08 PM

Thank you for providing these questions. It helped me a lot with passing my exam.
Anonymous


Timi 8/19/2023 5:30:00 PM

my first attempt
UNITED KINGDOM


Blessious Phiri 8/13/2023 10:32:00 AM

very explainable
Anonymous


m7md ibrahim 5/26/2023 6:21:00 PM

i think answer of q 462 is variance analysis
Anonymous


Tehu 5/25/2023 12:25:00 PM

hi i need see questions
Anonymous


Ashfaq Nasir 1/17/2024 1:19:00 AM

best study material for exam
Anonymous


Roberto 11/27/2023 12:33:00 AM

very interesting repository
ITALY


Nale 9/18/2023 1:51:00 PM

american history 1
Anonymous


Tanvi 9/27/2023 4:02:00 AM

good level of questions
Anonymous


Boopathy 8/17/2023 1:03:00 AM

i need this dump kindly upload it
Anonymous


s_123 8/12/2023 4:28:00 PM

do we need c# coding to be az204 certified
Anonymous


Blessious Phiri 8/15/2023 3:38:00 PM

excellent topics covered
Anonymous


Manasa 12/5/2023 3:15:00 AM

are these really financial cloud questions and answers, seems these are basic admin question and answers
Anonymous


Not Robot 5/14/2023 5:33:00 PM

are these comments real
Anonymous


kriah 9/4/2023 10:44:00 PM

please upload the latest dumps
UNITED STATES


ed 12/17/2023 1:41:00 PM

a company runs its workloads on premises. the company wants to forecast the cost of running a large application on aws. which aws service or tool can the company use to obtain this information? pricing calculator ... the aws pricing calculator is primarily used for estimating future costs
UNITED STATES


Muru 12/29/2023 10:23:00 AM

looks interesting
Anonymous


Tech Lady 10/17/2023 12:36:00 PM

thanks! that’s amazing
Anonymous


Mike 8/20/2023 5:12:00 PM

the exam dumps are helping me get a solid foundation on the practical techniques and practices needed to be successful in the auditing world.
UNITED STATES


Nobody 9/18/2023 6:35:00 PM

q 14 should be dmz sever1 and notepad.exe why does note pad have a 443 connection
Anonymous


Muhammad Rawish Siddiqui 12/4/2023 12:17:00 PM

question # 108, correct answers are business growth and risk reduction.
SAUDI ARABIA