CompTIA CAS-005 Exam (page: 5)
CompTIA SecurityX
Updated on: 31-Mar-2026

Viewing Page 5 of 45

Which of the following utilizes policies that route packets to ensure only specific types of traffic are being sent to the correct destination based on application usage?

  A. SDN
  B. pcap
  C. vmstat
  D. DNSSEC
  E. VPC

Answer(s): A

Explanation:

SDN (Software-Defined Networking) utilizes policies and centralized control to dynamically route packets and ensure that specific types of traffic are sent to the correct destination based on application usage. SDN provides flexibility and programmability to control network traffic and routing at the application level, allowing policies to be applied to direct packets in a way that optimizes the network and meets security or performance requirements.



An incident response team completed recovery from offline backup for several workstations. The workstations were subjected to a ransomware attack after users fell victim to a spear-phishing campaign, despite a robust training program.
Which of the following questions should be considered during the lessons-learned phase to most likely reduce the risk of reoccurrence? (Choose two.)

  A. Are there opportunities for legal recourse against the originators of the spear-phishing campaign?
  B. What internal and external stakeholders need to be notified of the breach?
  C. Which methods can be implemented to increase speed of offline backup recovery?
  D. What measurable user behaviors were exhibited that contributed to the compromise?
  E. Which technical controls, if implemented, would provide defense when user training fails?
  F. Which user roles are most often targeted by spear phishing attacks?

Answer(s): D,E

Explanation:

What measurable user behaviors were exhibited that contributed to the compromise? During the lessons-learned phase, it's important to analyze the specific user behaviors that led to the successful spear-phishing attack, even after a robust training program. This could involve understanding patterns such as clicking on suspicious links, failing to verify emails, or not reporting unusual activity. By identifying these behaviors, the organization can target specific areas for improvement in training or behavior modification.

Which technical controls, if implemented, would provide defense when user training fails? Since users fell victim to the spear-phishing attack despite training, it's critical to implement technical controls that can provide an additional layer of defense. This may include email filtering to block phishing attempts, multi-factor authentication (MFA), endpoint detection and response (EDR) tools, and sandboxing for suspicious attachments. These controls will help prevent or mitigate attacks when training alone is insufficient.



Two companies that recently merged would like to unify application access between the companies, without initially merging internal authentication stores.
Which of the following technical strategies would best meet this objective?

  A. Federation
  B. RADIUS
  C. TACACS+
  D. MFA
  E. ABAC

Answer(s): A

Explanation:

Federation allows two or more organizations to establish a trust relationship for sharing authentication and authorization information without merging internal authentication stores. With federation, users from both companies can access resources in the other company's environment by using their own credentials, typically through a centralized identity provider (IdP). This approach allows the companies to keep their authentication systems separate but still provide seamless access to applications and services, making it ideal for scenarios like mergers where complete consolidation of authentication systems might not be immediate.



An analyst needs to evaluate all images and documents that are publicly shared on a website.
Which of the following would be the best tool to evaluate the metadata of these files?

  A. OllyDbg
  B. ExifTool
  C. Volatility
  D. Ghidra

Answer(s): B

Explanation:

ExifTool is a powerful tool for reading, writing, and editing metadata in various types of files, including images and documents. It can extract metadata such as the creation date, software used, author information, GPS coordinates, and more, which can be useful for evaluating the characteristics of publicly shared files.



An organization has deployed a cloud-based application that provides virtual event services globally to clients. During a typical event, thousands of users access various entry pages within a short period of time. The entry pages include sponsor-related content that is relatively static and is pulled from a database.
When the first major event occurs, users report poor response time on the entry pages.
Which of the following features is the most appropriate for the company to implement?

  A. Horizontal scalability
  B. Vertical scalability
  C. Containerization
  D. Static code analysis
  E. Caching

Answer(s): E

Explanation:

Since the entry pages contain sponsor-related content that is relatively static and pulled from a database, implementing caching would be the most appropriate solution. Caching stores frequently accessed data in a location that is faster to access than querying the database repeatedly. This reduces the load on the database and improves response times for users, especially during high-traffic events. By caching the static content (like sponsor information), the application can serve those pages faster and handle large numbers of users more efficiently.



An organization's board of directors has asked the Chief Information Security Officer to build a third-party management program.
Which of the following best explains a reason for this request?

  A. Risk transference
  B. Supply chain visibility
  C. Support availability
  D. Vulnerability management

Answer(s): B

Explanation:

A third-party management program is typically designed to manage the risks associated with external vendors, partners, or service providers. One of the key goals of such a program is to ensure supply chain visibility. This means the organization wants to understand and manage the risks posed by third parties in its supply chain, including security risks, compliance issues, and the overall integrity of its external relationships.
By implementing a third-party management program, the organization can monitor and assess the security posture of its vendors, ensuring that they align with the company's risk management practices and that the supply chain remains secure.



A company is rewriting a vulnerable application and adding the mprotect() system call in multiple parts of the application's code that was being leveraged by a recent exploitation tool.
Which of the following should be enabled to ensure the application can leverage the new system call against similar attacks in the future?

  A. TPM
  B. Secure boot
  C. NX bit
  D. HSM

Answer(s): C

Explanation:

The NX bit (No eXecute bit) is a security feature that marks certain areas of memory as non-executable. This prevents code from being run in those areas; modern operating systems commonly use it to protect against buffer overflow and other exploits.
When the application calls mprotect(), it can mark memory regions as non-executable, making it more difficult for attackers to execute injected malicious code. With the NX bit enabled, the system enforces that no code can be executed from areas that should only contain data, preventing certain types of exploits.



Which of the following items should be included when crafting a disaster recovery plan?

  A. Redundancy
  B. Testing exercises
  C. Autoscaling
  D. Competitor locations

Answer(s): B

Explanation:

Testing exercises are a critical component of a disaster recovery (DR) plan because they ensure that the plan works effectively in a real-world scenario. Testing allows organizations to validate their recovery procedures, identify potential gaps, and make improvements before an actual disaster occurs. It helps ensure that all team members are familiar with their roles and that the recovery process can be executed smoothly.


