CompTIA CAS-005 Practice Test - Questions Answers, Page 21

Question 201

Which of the following security risks should be considered as an organization reduces cost and increases availability of services by adopting serverless computing?

Question 202

An attacker infiltrated the code base of a hardware manufacturer and inserted malware before the code was compiled. The malicious code is now running at the hardware level across a number of industries and sectors. Which of the following categories best describes this type of vendor risk?

Question 203

An enterprise is deploying APIs that utilize a private key and a public key to ensure the connection string is protected. To connect to the API, customers must use the private key. Which of the following would best secure the REST API connection to the database while preventing the use of a hard-coded string in the request string?

Question 204

A recent security audit identified that multiple endpoints have the following vulnerabilities:

* Various unsecured open ports

* Active accounts for terminated personnel

* Endpoint protection software with legacy versions

* Overly permissive access rules

Which of the following would best mitigate these risks? (Select three).

Question 205

After a vendor identified a recent vulnerability, a severity score was assigned to the vulnerability. A notification was also publicly distributed. Which of the following would most likely include information regarding the vulnerability and the recommended remediation steps?

Question 206

A security analyst notices a number of SIEM events that show the following activity:

10/30/2020 - 8:01 UTC - 192.168.1.1 - sc stop HinDctend

10/30/2020 - 8:05 UTC - 192.168.1.2 - c:\program files\games\comptidcasp.exe

10/30/2020 - 8:07 UTC - 192.168.1.1 - c:\windows\system32\cmd.exe /c powershell

10/30/2020 - 8:07 UTC - 192.168.1.1 - powershell ---> 40.90.23.154:443

Which of the following response actions should the analyst take first?

Question 207

A security team determines that the most significant risks within the pipeline are:

* Unauthorized code changes

* The current inability to perform independent verification of software modules

Which of the following best addresses these concerns?

Question 208

A security engineer is reviewing the following vulnerability scan report:

[Image: vulnerability scan report]

Which of the following should the engineer prioritize for remediation?

Question 209

A malware researcher has discovered a credential stealer is looking at a specific memory register to harvest passwords that will be used later for lateral movement in corporate networks. The malware is using TCP 4444 to communicate with other workstations. The lateral movement would be best mitigated by:

Question 210

While investigating a security event, an analyst finds evidence that a user opened an email attachment from an unknown source. Shortly after the user opened the attachment, a group of servers experienced a large amount of network and resource activity. Upon investigating the servers, the analyst discovers the servers were encrypted by ransomware that is demanding payment within 48 hours or all data will be destroyed. The company has no response plans for ransomware. Which of the following is the next step the analyst should take after reporting the incident to the management team?

Total 222 questions