Free CompTIA SecurityX Certification Exam CAS-005 Exam Practice Test

A security engineer is given the following requirements:An endpoint must only execute Internally signed applicationsAdministrator accounts cannot install unauthorized software.Attempts to run unauthorized software must be logged Which of the following best meets these requirements?

• Maintaining appropriate account access through directory management and controls
• Implementing a CSPM platform to monitor updates being pushed to applications
• Deploying an EDR solution to monitor and respond to software installation attempts
• Configuring application control with blocked hashes and enterprise-trusted root certificates

An organization is implementing Zero Trust architecture A systems administrator must increase the effectiveness of the organization's context-aware access system. Which of the following is the best way to improve the effectiveness of the system?

• Secure zone architecture
• Always-on VPN
• Accurate asset inventory
• Microsegmentation

A company wants to install a three-tier approach to separate the web. database, and application servers A security administrator must harden the environment which of the following is the best solution?

• Deploying a VPN to prevent remote locations from accessing server VLANs
• Configuring a SASb solution to restrict users to server communication
• Implementing microsegmentation on the server VLANs
• installing a firewall and making it the network core

A security architect wants to develop a baseline of security configurations These configurations automatically will be utilized machine is created Which of the following technologies should the security architect deploy to accomplish this goal?

• Short
• GASB
• Ansible
• CMDB

A central bank implements strict risk mitigations for the hardware supply chain, including an allow list for specific countries of origin. Which of the following best describes the cyberthreat to the bank?

• Ability to obtain components during wartime
• Fragility and other availability attacks
• Physical Implants and tampering
• Non-conformance to accepted manufacturing standards

An organization is required toRespond to internal and external inquiries in a timely mannerProvide transparency.Comply with regulatory requirementsThe organization has not experienced any reportable breaches but wants to be prepared if a breach occurs in the future. Which of the following is the best way for the organization to prepare?

• Outsourcing the handling of necessary regulatory filing to an external consultant
• Integrating automated response mechanisms into the data subject access request process
• Developing communication templates that have been vetted by internal and external counsel
• Conducting lessons-learned activities and integrating observations into the crisis management plan

A security engineer wants to reduce the attack surface of a public-facing containerized application Which of the following will best reduce the application's privilege escalation attack surface?

• Implementing the following commands in the Dockerfile:RUN echo user:x:1000:1000iuser:/home/user:/dew/null > /ete/passwd
• Installing an EDR on the container's host with reporting configured to log to a centralized SIFMand Implementing the followingalerting rules TF PBOCESS_USEB=rooC ALERT_TYPE=critical
• Designing a muiticontainer solution, with one set of containers that runs the mam application, and another set oi containers that perform automatic remediation by replacing compromised containers or disabling compromised accounts
• Running the container in an isolated network and placing a load balancer in a public-facing network. Adding the following ACL to the load balancer:
• PZRKZI HTTES from 0-0.0.0.0/0 pert 443

Which of the following best explains the importance of determining organization risk appetite when operating with a constrained budget?

• Risk appetite directly impacts acceptance of high-impact low-likelihood events.
• Organizational risk appetite varies from organization to organization
• Budgetary pressure drives risk mitigation planning in all companies
• Risk appetite directly influences which breaches are disclosed publicly

An organization mat performs real-time financial processing is implementing a new backup solution Given the following business requirements?The backup solution must reduce the risk for potential backup compromiseThe backup solution must be resilient to a ransomware attack.The time to restore from backups is less important than the backup data integrityMultiple copies of production data must be maintainedWhich of the following backup strategies best meets these requirement?

• Creating a secondary, immutable storage array and updating it with live data on a continuous basis
• Utilizing two connected storage arrays and ensuring the arrays constantly sync
• Enabling remote journaling on the databases to ensure real-time transactions are mirrored
• Setting up antitempering on the databases to ensure data cannot be changed unintentionally

Which of the following best describes the challenges associated with widespread adoption of homomorphic encryption techniques?

• Incomplete mathematical primitives
• No use cases to drive adoption
• Quantum computers not yet capable
• insufficient coprocessor support