CompTIA CAS-005 Exam (page: 5)
CompTIA SecurityX
Updated on: 25-Dec-2025

Viewing Page 5 of 45

Which of the following utilizes policies that route packets to ensure only specific types of traffic are being sent to the correct destination based on application usage?

  A. SDN
  B. pcap
  C. vmstat
  D. DNSSEC
  E. VPC

Answer(s): A

Explanation:

SDN (Software-Defined Networking) utilizes policies and centralized control to dynamically route packets and ensure that specific types of traffic are sent to the correct destination based on application usage. SDN provides flexibility and programmability to control network traffic and routing at the application level, allowing policies to be applied to direct packets in a way that optimizes the network and meets security or performance requirements.



An incident response team completed recovery from offline backup for several workstations. The workstations were subjected to a ransomware attack after users fell victim to a spear-phishing campaign, despite a robust training program.
Which of the following questions should be considered during the lessons-learned phase to most likely reduce the risk of reoccurrence? (Choose two.)

  A. Are there opportunities for legal recourse against the originators of the spear-phishing campaign?
  B. What internal and external stakeholders need to be notified of the breach?
  C. Which methods can be implemented to increase speed of offline backup recovery?
  D. What measurable user behaviors were exhibited that contributed to the compromise?
  E. Which technical controls, if implemented, would provide defense when user training fails?
  F. Which user roles are most often targeted by spear phishing attacks?

Answer(s): D,E

Explanation:

D. What measurable user behaviors were exhibited that contributed to the compromise? During the lessons-learned phase, it's important to analyze the specific user behaviors that led to the successful spear-phishing attack, even after a robust training program. This could involve understanding patterns such as clicking on suspicious links, failing to verify emails, or not reporting unusual activity. By identifying these behaviors, the organization can target specific areas for improvement in training or behavior modification.

E. Which technical controls, if implemented, would provide defense when user training fails? Since users fell victim to the spear-phishing attack despite training, it's critical to implement technical controls that can provide an additional layer of defense. This may include email filtering to block phishing attempts, multi-factor authentication (MFA), endpoint detection and response (EDR) tools, and sandboxing for suspicious attachments. These controls will help prevent or mitigate attacks when training alone is insufficient.



Two companies that recently merged would like to unify application access between the companies, without initially merging internal authentication stores.
Which of the following technical strategies would best meet this objective?

  A. Federation
  B. RADIUS
  C. TACACS+
  D. MFA
  E. ABAC

Answer(s): A

Explanation:

Federation allows two or more organizations to establish a trust relationship for sharing authentication and authorization information without merging internal authentication stores. With federation, users from both companies can access resources in the other company's environment by using their own credentials, typically through a centralized identity provider (IdP). This approach allows the companies to keep their authentication systems separate but still provide seamless access to applications and services, making it ideal for scenarios like mergers where complete consolidation of authentication systems might not be immediate.



An analyst needs to evaluate all images and documents that are publicly shared on a website.
Which of the following would be the best tool to evaluate the metadata of these files?

  A. OllyDbg
  B. ExifTool
  C. Volatility
  D. Ghidra

Answer(s): B

Explanation:

ExifTool is a powerful tool for reading, writing, and editing metadata in various types of files, including images and documents. It can extract metadata such as the creation date, software used, author information, GPS coordinates, and more, which can be useful for evaluating the characteristics of publicly shared files.



An organization has deployed a cloud-based application that provides virtual event services globally to clients. During a typical event, thousands of users access various entry pages within a short period of time. The entry pages include sponsor-related content that is relatively static and is pulled from a database.
When the first major event occurs, users report poor response time on the entry pages.
Which of the following features is the most appropriate for the company to implement?

  A. Horizontal scalability
  B. Vertical scalability
  C. Containerization
  D. Static code analysis
  E. Caching

Answer(s): E

Explanation:

Since the entry pages contain sponsor-related content that is relatively static and pulled from a database, implementing caching would be the most appropriate solution. Caching stores frequently accessed data in a location that is faster to access than querying the database repeatedly. This reduces the load on the database and improves response times for users, especially during high-traffic events. By caching the static content (like sponsor information), the application can serve those pages faster and handle large numbers of users more efficiently.



An organization's board of directors has asked the Chief Information Security Officer to build a third-party management program.
Which of the following best explains a reason for this request?

  A. Risk transference
  B. Supply chain visibility
  C. Support availability
  D. Vulnerability management

Answer(s): B

Explanation:

A third-party management program is typically designed to manage the risks associated with external vendors, partners, or service providers. One of the key goals of such a program is to ensure supply chain visibility. This means the organization wants to understand and manage the risks posed by third parties in its supply chain, including security risks, compliance issues, and the overall integrity of its external relationships.
By implementing a third-party management program, the organization can monitor and assess the security posture of its vendors, ensuring that they align with the company's risk management practices and that the supply chain remains secure.



A company is rewriting a vulnerable application and adding the mprotect() system call in multiple parts of the application's code that was being leveraged by a recent exploitation tool.
Which of the following should be enabled to ensure the application can leverage the new system call against similar attacks in the future?

  A. TPM
  B. Secure boot
  C. NX bit
  D. HSM

Answer(s): C

Explanation:

The NX bit (No eXecute bit) is a security feature that marks certain areas of memory as non-executable, so code cannot be run from those areas. Modern operating systems commonly rely on it to protect against buffer overflows and other exploits that place code in data regions.
The mprotect() system call sets the protection on memory regions, so the application can use it to mark regions as non-executable, making it more difficult for attackers to execute injected malicious code. With the NX bit enabled, the system enforces that no code can be executed from areas that should only contain data, preventing certain types of exploits.



Which of the following items should be included when crafting a disaster recovery plan?

  A. Redundancy
  B. Testing exercises
  C. Autoscaling
  D. Competitor locations

Answer(s): B

Explanation:

Testing exercises are a critical component of a disaster recovery (DR) plan because they ensure that the plan works effectively in a real-world scenario. Testing allows organizations to validate their recovery procedures, identify potential gaps, and make improvements before an actual disaster occurs. It helps ensure that all team members are familiar with their roles and that the recovery process can be executed smoothly.


