Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. CompTIA
  3. CAS-005

CompTIA CAS-005 Exam (page: 6)
CompTIA SecurityX
Updated on: 31-Mar-2026

Viewing Page 6 of 45
CAS-005 PDF 408 Questions

A web application server is running a legacy operating system with an unpatched RCE vulnerability. The server cannot be upgraded until the corresponding application code is changed.
Which of the following compensating controls would best prevent successful exploitation?

  1. Segmentation
  2. CASB
  3. HIPS
  4. UEBA

Answer(s): A

Explanation:

Segmentation is a compensating control that helps mitigate risks by isolating critical systems or vulnerable systems from the rest of the network. In this case, the web application server running a legacy operating system with an unpatched remote code execution (RCE) vulnerability can be isolated through network segmentation. This limits the potential for attackers to exploit the vulnerability by restricting access to the server and preventing lateral movement within the network. By segmenting the server, the attack surface is reduced, and the risk of successful exploitation is minimized until the system can be properly patched.



Which of the following is the reason why security engineers often cannot upgrade the security of embedded facility automation systems?

  1. They are constrained by available compute.
  2. They lack x86-64 processors.
  3. They lack EEPROM.
  4. They are not logic-bearing devices.

Answer(s): A

Explanation:

Embedded facility automation systems, such as those used for controlling HVAC, lighting, or security, are often constrained by limited computational resources. These systems are designed to be low-cost and energy- efficient, which means they typically have limited processing power, memory, and storage capacity. As a result, security engineers often face difficulties when trying to upgrade or implement additional security measures, such as more sophisticated encryption or security patches, because these systems lack the necessary compute resources to handle such upgrades.



A security analyst identified a vulnerable and deprecated runtime engine that Is supporting a public-facing banking application. The developers anticipate the transition to modern development environments will take at least a month.
Which of the following controls would best mitigate the risk without interrupting the service during the transition?

  1. Shutting down the systems until the code is ready
  2. Uninstalling the impacted runtime engine
  3. Selectively blocking traffic on the affected port
  4. Configuring IPS and WAF with signatures

Answer(s): D

Explanation:

To mitigate the risk of the vulnerable and deprecated runtime engine while the developers transition to a more modern environment, configuring an Intrusion Prevention System (IPS) and a Web Application Firewall (WAF) with appropriate signatures would provide protection without disrupting the service. These security controls can help detect and block known exploits targeting the vulnerable runtime engine. By applying these measures, the application can continue running while minimizing the risk of exploitation from external threats.



A security architect wants to ensure a remote host's identity and decides that pinning the X.509 certificate to the device is the most effective solution.
Which of the following must happen first?

  1. Use Distinguished Encoding Rules (DER) for the certificate.
  2. Extract the private key from the certificate.
  3. Use an out-of-band method to obtain the certificate.
  4. Compare the retrieved certificate with the embedded certificate.

Answer(s): C

Explanation:

When implementing certificate pinning, the first step is to securely obtain the remote host's X.509 certificate through an out-of-band method. This ensures that the certificate is trusted and verified outside of the regular communication channel (e.g., via a secure channel or pre-distribution), preventing any potential man-in-the- middle attacks. Once the certificate is securely obtained and verified, it can then be pinned to the device so that future connections to that host will only be accepted if the certificate matches the pinned one.



A company hired a third-party consultant to run a cybersecurity incident simulation in order to identify security gaps and prepare stakeholders for a potential incident.
Which of the following best describes this activity?

  1. Tabletop exercise
  2. Walk-through review
  3. Lessons learned
  4. Business impact analysis

Answer(s): A

Explanation:

A tabletop exercise is a discussion-based simulation where key stakeholders, including management and technical teams, gather to walk through a hypothetical cybersecurity incident. The goal is to identify security gaps, assess response strategies, and prepare for real-world incidents. During this exercise, participants typically discuss their roles and decisions in handling the incident, but no actual systems are impacted.



A security officer is requiring all personnel working on a special project to obtain a security clearance requisite with the level of all information being accessed. Data on this network must be protected at the same level of each clearance holder. The need to know must be verified by the data owner.
Which of the following should the security officer do to meet these requirements?

  1. Create a rule to authorize personnel only from certain IPs to access the files.
  2. Assign labels to the files and require formal access authorization.
  3. Assign attributes to each file and allow authorized users to share the files.
  4. Assign roles to users and authorize access to files based on the roles.

Answer(s): B

Explanation:

To meet the requirement of ensuring that data is protected at the clearance level of each personnel member and that access is based on the need to know, labeling the files according to their classification level is an effective method. Labels indicate the sensitivity of the data and ensure that only individuals with the appropriate clearance and need-to-know access are authorized to view or modify the files.
By requiring formal access authorization from the data owner, the security officer ensures that access is explicitly verified before any personnel can access data at a given classification level.



A security team receives alerts regarding impossible travel and possible brute-force attacks after normal business hours. After reviewing more logs, the team determines that specific users were targeted and attempts were made to transfer data to an unknown site.
Which of the following should the team do to help mitigate these issues?

  1. Create a firewall rule to prevent those users from accessing sensitive data.
  2. Restrict uploading activity to only authorized sites.
  3. Enable packet captures to continue to run for the source and destination related to the file transfer.
  4. Disable login activity for those users after business hours.

Answer(s): B

Explanation:

The security team has identified that certain users are being targeted by what appears to be impossible travel and brute-force attacks, followed by attempts to transfer data to an unknown site. To mitigate this, the best approach is to restrict uploading activity to only authorized sites. This ensures that even if the attackers gain access to the user accounts, they will not be able to exfiltrate data to unknown or unauthorized locations.
This control directly addresses the data exfiltration risk by preventing unauthorized file uploads, regardless of whether the attacker successfully compromises user credentials.



A company recently acquired a SaaS company and performed a gap analysis. The results of the gap analysis Indicate security controls are absent throughout the SDLC and have led to several vulnerable production releases.
Which of the following security tools best reduces the risk of vulnerable code being pushed to production in the future?

  1. Static application security testing
  2. Regression testing
  3. Code signing
  4. Sandboxing

Answer(s): A

Explanation:

Static application security testing (SAST) is the best tool for identifying security vulnerabilities in code early in the Software Development Life Cycle (SDLC). SAST tools analyze source code or binaries for vulnerabilities without executing the program, allowing teams to catch and address security issues before the code is pushed to production. This aligns with reducing the risk of vulnerable code being released.



Viewing Page 6 of 45



Share your comments for CompTIA CAS-005 exam with other users:

Siyya 1/19/2024 8:30:00 PM

might help me to prepare for the exam
Anonymous


Ted 6/21/2023 11:11:00 PM

just paid and downlaod the 2 exams using the 50% sale discount. so far i was able to download the pdf and the test engine. all looks good.
GERMANY


Paul K 11/27/2023 2:28:00 AM

i think it should be a,c. option d goes against the principle of building anything custom unless there are no work arounds available
INDIA


ph 6/16/2023 12:41:00 AM

very legible
Anonymous


sephs2001 7/31/2023 10:42:00 PM

is this exam accurate or helpful?
Anonymous


ash 7/11/2023 3:00:00 AM

please upload dump, i have exam in 2 days
INDIA


Sneha 8/17/2023 6:29:00 PM

this is useful
CANADA


sachin 12/27/2023 2:45:00 PM

question 232 answer should be perimeter not netowrk layer. wrong answer selected
Anonymous


tomAws 7/18/2023 5:05:00 AM

nice questions
BRAZIL


Rahul 6/11/2023 2:07:00 AM

hi team, could you please provide this dump ?
INDIA


TeamOraTech 12/5/2023 9:49:00 AM

very helpful to clear the exam and understand the concept.
Anonymous


Curtis 7/12/2023 8:20:00 PM

i think it is great that you are helping people when they need it. thanks.
UNITED STATES


sam 7/17/2023 6:22:00 PM

cannot evaluate yet
Anonymous


nutz 7/20/2023 1:54:00 AM

a laptops wireless antenna is most likely located in the bezel of the lid
UNITED STATES


rajesh soni 1/17/2024 6:53:00 AM

good examplae to learn basic
INDIA


Tanya 10/25/2023 7:07:00 AM

this is useful information
Anonymous


Nasir Mahmood 12/11/2023 7:32:00 AM

looks usefull
Anonymous


Jason 9/30/2023 1:07:00 PM

question 81 should be c.
CANADA


TestPD1 8/10/2023 12:22:00 PM

question 18 : response isnt a ?
EUROPEAN UNION


ally 8/19/2023 5:31:00 PM

plaese add questions
TURKEY


DIA 10/7/2023 5:59:00 AM

is dumps still valid ?
FRANCE


Annie 7/7/2023 8:33:00 AM

thanks for this
EUROPEAN UNION


arnie 9/17/2023 6:38:00 AM

please upload questions
Anonymous


Tanuj Rana 7/22/2023 2:33:00 AM

please upload the question dump for professional machinelearning
Anonymous


Future practitioner 8/10/2023 1:26:00 PM

question 4 answer is c. this site shows the correct answer as b. "adopt a consumption model" is clearly a cost optimization design principle. looks like im done using this site to study!!!
Anonymous


Ace 8/3/2023 10:37:00 AM

number 52 answer is d
UNITED STATES


Nathan 12/17/2023 12:04:00 PM

just started preparing for my exam , and this site is so much help
Anonymous


Corey 12/29/2023 5:06:00 PM

question 35 is incorrect, the correct answer is c, it even states so: explanation: when a vm is infected with ransomware, you should not restore the vm to the infected vm. this is because the ransomware will still be present on the vm, and it will encrypt the files again. you should also not restore the vm to any vm within the companys subscription. this is because the ransomware could spread to other vms in the subscription. the best way to restore a vm that is infected with ransomware is to restore it to a new azure vm. this will ensure that the ransomware is not present on the new vm.
Anonymous


Rajender 10/18/2023 3:54:00 AM

i would like to take psm1 exam.
Anonymous


Blessious Phiri 8/14/2023 9:53:00 AM

cbd and pdb are key to the database
SOUTH AFRICA


Alkaed 10/19/2022 10:41:00 AM

the purchase and download process is very much streamlined. the xengine application is very nice and user-friendly but there is always room for improvement.
NETHERLANDS


Dave Gregen 9/4/2023 3:17:00 PM

please upload p_sapea_2023
SWEDEN


Sarah 6/13/2023 1:42:00 PM

anyone use this? the question dont seem to follow other formats and terminology i have been studying im getting worried
CANADA


Shuv 10/3/2023 8:19:00 AM

good questions
UNITED STATES