A security engineer would like to control configurations on mobile devices while fulfilling the following requirements:Support and control Apple and Android devices.The device must be corporate-owned.Which of the following would enable the engineer to meet these requirements? (Choose two.)
Answer(s): C,E
Implement an MDM solution (Mobile Device Management): An MDM solution is specifically designed to manage, monitor, and secure mobile devices. It allows organizations to enforce configuration policies, enforce encryption, restrict apps, and control access to corporate resources on both Apple and Android devices. This solution directly meets the requirement to support and control corporate-owned devices.Update policy to prohibit the use of BYOD devices: By prohibiting the use of Bring Your Own Device (BYOD) devices, the organization ensures that only corporate-owned devices are used, fulfilling the requirement that the devices must be corporate-owned. This policy helps maintain control over the mobile devices within the organization's environment.
A pharmaceutical company uses a cloud provider to host thousands of independent resources in object storage. The company needs a practical and effective means of discovering data, monitoring changes, and identifying suspicious activity. Which of the following would best meet these requirements?
Answer(s): A
A machine-learning-based data security service would be the best solution for discovering data, monitoring changes, and identifying suspicious activity in the context of a cloud-based object storage environment. Such a service can analyze patterns in data access and usage to identify anomalies, suspicious behavior, and potential security incidents. Machine learning models can continuously learn and adapt to new behaviors, making it effective at detecting emerging threats in real time.
A security analyst is assessing a new application written in Java. The security analyst must determine which vulnerabilities exist during runtime. Which of the following would provide the most exhaustive list of vulnerabilities while meeting the objective?
Answer(s): B
Dynamic analysis is the most appropriate technique for assessing vulnerabilities during runtime. It involves testing the application while it is running, which allows the security analyst to observe the application's behavior, detect vulnerabilities that emerge during execution, and understand how the application interacts with its environment. This provides a comprehensive view of vulnerabilities that may not be detected through static code analysis, as it accounts for issues like memory corruption, data leaks, and runtime exceptions.
Recently, two large engineering companies in the same line of business decided to approach cyberthreats in a united way. Which of the following best describes this unified approach?
Answer(s): D
An MOU (Memorandum of Understanding) is the best choice in this scenario, as it represents an agreement between two parties outlining the intention to collaborate or work together on a common goal, without creating legally binding obligations. In this case, the two engineering companies are uniting to approach cyberthreats in a unified way, and an MOU would formalize this cooperative arrangement and define the terms of their collaboration.
A regulated company is in the process of refreshing its entire infrastructure. The company has a business- critical process running on an old 2008 Windows server. If this server fails, the company would lose millions of dollars in revenue. Which of the following actions should the company should take?
The most appropriate action is to create an organizational risk register for project prioritization. This helps the company document and assess risks, prioritize critical systems, and determine which systems, such as the old 2008 Windows server running a business-critical process, need to be addressed most urgently. A risk register ensures that resources are allocated properly and that mitigation plans are in place for the most critical systems to prevent revenue loss in the event of a failure.
A security engineer needs to ensure production containers are automatically scanned for vulnerabilities before they are accepted into the production environment. Which of the following should the engineer use to automatically incorporate vulnerability scanning on every commit?
The best solution for automatically scanning containers for vulnerabilities before they are accepted into the production environment is to incorporate vulnerability scanning into the CI/CD pipeline. Continuous Integration (CI) and Continuous Deployment (CD) pipelines can be configured to automatically trigger security scans, including container vulnerability assessments, every time code is committed or changes are pushed. This ensures that vulnerabilities are detected early in the development cycle before the containers are deployed to production.
A security architect recommends replacing the company's monolithic software application with a containerized solution. Historically, secrets have been stored in the application's configuration files. Which of the following changes should the security architect make in the new system?
A secrets management tool is the most appropriate solution for securely managing and storing secrets (such as API keys, passwords, or tokens) in the new containerized environment. Secrets management tools, such as HashiCorp Vault, AWS Secrets Manager, or Azure Key Vault, provide secure storage, access control, and audit logs for secrets. They are designed to manage secrets in a way that avoids hardcoding sensitive data in configuration files or Dockerfiles, which could be exposed or compromised.
A security engineer is assessing a new tool to segment data and communications between domains. The assessment must determine how data transmission controls can be bypassed without detection. Which of the following techniques should the security engineer use?
Answer(s): C
Covert channel analysis is the technique best suited for assessing how data transmission controls can be bypassed without detection. Covert channels involve using a system or communication protocol in unintended ways to transmit data secretly. This analysis helps identify potential hidden channels that might bypass security controls and allow unauthorized communication between domains.
Share your comments for CompTIA CAS-005 exam with other users:
wrong answer. it is true not false.
please i need the mo-100 questions
very good use full
very valid questions
will these question help me to clear pl-300 exam?
please provide me with these dumps questions. thanks
in the pdf downloaded is write google cloud database engineer i think that it isnt the correct exam
i think you have the answers wrong regarding question: "what are three core principles of web content accessibility guidelines (wcag)? answer: robust, operable, understandable
these questions are not valid , they dont come for the exam now
question looks valid
good for practice
need more q&a to go ahead
question 59 - a newly-created role is not assigned to any user, nor granted to any other role. answer is b https://docs.snowflake.com/en/user-guide/security-access-control-overview
just passed my exam today. i saw all of these questions in my text today. so i can confirm this is a valid dump.
needed dumps
very helpful
will post once the exam is finished
relevant questions
just clear exam on 10/06/2202 dumps is valid all questions are came same in dumps only 2 new questions total 46 questions 1 case study with 5 question no lab/simulation in my exam please check the answers best of luck
q.112 - correct answer is c - the event registry is a module that provides event definitions. answer a - not correct as it is the definition of event log
good and useful.
good questions
good content
totally not correct answers. 21. you have one gcp account running in your default region and zone and another account running in a non-default region and zone. you want to start a new compute engine instance in these two google cloud platform accounts using the command line interface. what should you do? correct: create two configurations using gcloud config configurations create [name]. run gcloud config configurations activate [name] to switch between accounts when running the commands to start the compute engine instances.
kindly upload the dumps
still learning
excellent way to learn
help so much
understand sql col.
i would give 5 stars to this website as i studied for az-800 exam from here. it has all the relevant material available for preparation. i got 890/1000 on the test.
this is nice.
q55- the ridac workflow can be modified using flow designer, correct answer is d not a
by far this is the most accurate exam dumps i have ever purchased. all questions are in the exam. i saw almost 90% of the questions word by word.
i cleared the az-104 exam by scoring 930/1000 on the exam. it was all possible due to this platform as it provides premium quality service. thank you!
Keeping this site free takes real effort. We constantly battle automated scraping and unauthorized content copying. A quick account helps us protect the community and keep the site free.
To continue studying for your CAS-005, please sign in or create a free account.