Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

CompTIA CAS-005 - CompTIA SecurityX Certification Exam

Page: 4 / 7
Total 219 questions

A systems administrator works with engineers to process and address vulnerabilities as a result of continuous scanning activities. The primary challenge faced by the administrator is differentiating between valid and invalid findings. Which of the following would the systems administrator most likely verify is properly configured?

A.

Report retention time

B.

Scanning credentials

C.

Exploit definitions

D.

Testing cadence

Which of the following best describes the challengesassociated with widespread adoption of homomorphic encryption techniques?

A.

Incomplete mathematical primitives

B.

No use cases to drive adoption

C.

Quantum computers not yet capable

D.

Insufficient coprocessor support

An enterprise is deploying APIs that utilize a private key and a public key to ensure the connection string is protected. To connect to the API, customers must use the private key. Which of the following would best secure the REST API connection to the database while preventing the use of a hard-coded string in the request string?

A.

Implement a VPN for all APIs

B.

Sign the key with DSA

C.

Deploy MFA for the service accounts

D.

Utilize HMAC for the keys

An external threat actor attacks public infrastructure providers. In response to the attack and during follow-up activities, various providers share information obtained during response efforts. After the attack, energy sector companies share their status and response data:

Company

SIEM

UEBA

DLP

ISAC Member

TIP Integration

Time to Detect

Time to Respond

1

Yes

No

Yes

Yes

Yes

10 minutes

20 minutes

2

Yes

Yes

Yes

Yes

No

20 minutes

40 minutes

3

Yes

Yes

No

No

Yes

12 minutes

24 minutes

Which of thefollowing is the most important issue to address to defend against future attacks?

A.

Failure to implement a UEBA system

B.

Failure to implement a DLP system

C.

Failure to join the industry ISAC

D.

Failure to integrate with the TIP

A company recently experienced an incident in which an advanced threat actor was able to shim malicious code against the hardware static of a domain controller The forensic team cryptographically validated that com the underlying firmware of the box and the operating system had not been compromised. However, the attacker was able to exfiltrate information from the server using a steganographic technique within LOAP Which of the following is me b»« way to reduce the risk oi reoccurrence?

A.

Enforcing allow lists for authorized network pons and protocols

B.

Measuring and attesting to the entire boot chum

C.

Rolling the cryptographic keys used for hardware security modules

D.

Using code signing to verify the source of OS updates

A security officer received several complaints from usersabout excessive MPA push notifications at night The security team investigates and suspects malicious activities regarding user account authentication Which of the following is the best way for the security officer to restrict MI~A notifications''

A.

Provisioning FID02 devices

B.

Deploying a text message based on MFA

C.

Enabling OTP via email

D.

Configuring prompt-driven MFA

Recent repents indicate that a software tool is being exploited Attackers were able to bypass user access controls and load a database. A security analyst needs to find the vulnerability and recommend a mitigation. The analyst generates the following output:

Which of the following would the analyst most likely recommend?

A.

Installing appropriate EDR tools to block pass-the-hash attempts

B.

Adding additional time to software development to perform fuzz testing

C.

Removing hard coded credentials from the source code

D.

Not allowing users to change their local passwords

A company's help desk is experiencing a large number of calls from the finance department slating access issues to www bank com The security operations center reviewed the following security logs:

Which of the following is most likely the cause of the issue?

A.

Recursive DNS resolution is failing

B.

The DNS record has been poisoned.

C.

DNS traffic is being sinkholed.

D.

The DNS was set up incorrectly.

An organization that performs real-time financial processing is implementing a new backup solution. Given the following business requirements:

The backup solution must reduce the risk of potential backup compromise.

The backup solution must be resilient to a ransomware attack.

The time to restore from backups is less important than backup data integrity.

Multiple copies of production data must be maintained.

Which of the following backup strategies best meets these requirements?

A.

Creating a secondary, immutable database and adding live data on a continuous basis

B.

Utilizing two connected storage arrays and ensuring the arrays constantly sync

C.

Enabling remote journaling on the databases to ensure real-time transactions are mirrored

D.

Setting up anti-tampering on the databases to ensure data cannot be changed unintentionally

An organization recently implemented a purchasing freeze that has impacted endpoint life-cycle management efforts. Which of the following should a security manager do to reduce risk without replacing the endpoints?

A.

Remove unneeded services

B.

Deploy EDR

C.

Dispose of end-of-support devices

D.

Reimage the system