ExamGecko
Login
Home / CompTIA / CAS-005 / List of questions
Ask Question

CompTIA CAS-005 Practice Test - Questions Answers, Page 7

Add to Whishlist

List of questions

Question 61

Report Export Collapse

A company recently experienced an incident in which an advanced threat actor was able to shim malicious code against the hardware static of a domain controller The forensic team cryptographically validated that com the underlying firmware of the box and the operating system had not been compromised. However, the attacker was able to exfiltrate information from the server using a steganographic technique within LOAP Which of the following is me b way to reduce the risk oi reoccurrence?

Become a Premium Member for full access
  Unlock Premium Member

Question 62

Report Export Collapse

A central bank implements strict risk mitigations for the hardware supply chain, including an allow list for specific countries of origin. Which of the following best describes the cyberthreat to the bank?

Become a Premium Member for full access
  Unlock Premium Member

Question 63

Report Export Collapse

Third parties notified a company's security team about vulnerabilities in the company's application. The security team determined these vulnerabilities were previously disclosed in third-party libraries. Which of the following solutions best addresses the reported vulnerabilities?

Become a Premium Member for full access
  Unlock Premium Member

Question 64

Report Export Collapse

While reviewing recent modem reports, a security officer discovers that several employees were contacted by the same individual who impersonated a recruiter. Which of the following best describes this type of correlation?

Become a Premium Member for full access
  Unlock Premium Member

Question 65

Report Export Collapse

During a security assessment using an CDR solution, a security engineer generates the following report about the assets in me system:

CompTIA CAS-005 image Question 65 63875074218429093073374

After five days, the EDR console reports an infection on the host 0WIN23 by a remote access Trojan Which of the following is the most probable cause of the infection?

Become a Premium Member for full access
  Unlock Premium Member

Question 66

Report Export Collapse

A company wants to use loT devices to manage and monitor thermostats at all facilities The thermostats must receive vendor security updates and limit access to other devices within the organization Which of the following best addresses the company's requirements''

Become a Premium Member for full access
  Unlock Premium Member

Question 67

Report Export Collapse

An engineering team determines the cost to mitigate certain risks is higher than the asset values The team must ensure the risks are prioritized appropriately. Which of the following is the best way to address the issue?

Become a Premium Member for full access
  Unlock Premium Member

Question 68

Report Export Collapse

Company A acquired Company B and needs to determine how the acquisition will impact the attack surface of the organization as a whole. Which of the following is the best way to achieve this goal? (Select two).

Implementing DLP controls preventing sensitive data from leaving Company B's network

Become a Premium Member for full access
  Unlock Premium Member

Question 69

Report Export Collapse

Asecuntv administrator is performing a gap assessment against a specific OS benchmark The benchmark requires the following configurations be applied to endpomts:

* Full disk encryption

* Host-based firewall

* Time synchronization

* Password policies

* Application allow listing

* Zero Trust application access

Which of the following solutions best addresses the requirements? (Select two).

Become a Premium Member for full access
  Unlock Premium Member

Question 70

Report Export Collapse

After an incident response exercise, a security administrator reviews the following table:

CompTIA CAS-005 image Question 70 6387507421844471769255

Which of the following should the administrator do to beat support rapid incident response in the future?

Become a Premium Member for full access
  Unlock Premium Member
Total 198 questions
Go to page: of 20
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A global company's Chief Financial Officer (CFO) receives a phone call from someone claiming to be the Chief Executive Officer (CEO). The caller claims to be stranded and in desperate need of money. The CFO is suspicious, but the caller's voice sounds similar to the CEO's. Which of the following best describes this type of attack?
A security engineer must ensure that sensitive corporate information is not exposed if a company laptop is stolen. Which of the following actions best addresses this requirement?
Which of the following best describes the challenges associated with widespread adoption of homomorphic encryption techniques?
Which of the following best describes the reason PQC preparation is important?
A company is preparing to move a new version of a web application to production. No issues were reported during security scanning or quality assurance in the CI/CD pipeline. Which of the following actions should the company take next?
A cloud engineer wants to configure mail security protocols to support email authenticity and enable the flow of email security information to a third-party platform for further analysis. Which of the following must be configured to achieve these requirements? (Select two).
An external threat actor attacks public infrastructure providers. In response to the attack and during follow-up activities, various providers share information obtained during response efforts. After the attack, energy sector companies share their status and response data: Company SIEM UEBA DLP ISAC Member TIP Integration Time to Detect Time to Respond 1 Yes No Yes Yes Yes 10 minutes 20 minutes 2 Yes Yes Yes Yes No 20 minutes 40 minutes 3 Yes Yes No No Yes 12 minutes 24 minutes Which of the following is the most important issue to address to defend against future attacks?
An organization is prioritizing efforts to remediate or mitigate risks identified during the latest assessment. For one of the risks, a full remediation was not possible, but the organization was able to successfully apply mitigations to reduce the likelihood of the impact. Which of the following should the organization perform next?
An auditor is reviewing the logs from a web application to determine the source of an incident. The web application architecture includes an internet-accessible application load balancer, a number of web servers in a private subnet, application servers, and one database server in a tiered configuration. The application load balancer cannot store the logs. The following are sample log snippets: Web server logs: 192.168.1.10 - - [24/Oct/2020 11:24:34 +05:00] 'GET /bin/bash' HTTP/1.1' 200 453 Safari/536.36 192.168.1.10 - - [24/Oct/2020 11:24:35 +05:00] 'GET / HTTP/1.1' 200 453 Safari/536.36 Application server logs: 24/Oct/2020 11:24:34 +05:00 - 192.168.2.11 - request does not match a known local user. Querying DB 24/Oct/2020 11:24:35 +05:00 - 192.168.2.12 - root path. Begin processing Database server logs: 24/Oct/2020 11:24:34 +05:00 [Warning] 'option read_buffer_size1 unassigned value 0 adjusted to 2048 24/Oct/2020 11:24:35 +05:00 [Warning] CA certificate ca.pem is self-signed. Which of the following should the auditor recommend to ensure future incidents can be traced back to the sources?
Which of the following are risks associated with vendor lock-in? (Select two).