CAS-005 Exam Details

  • Exam Code
    :CAS-005
  • Exam Name
    :CompTIA SecurityX
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :430 Q&As
  • Last Updated
    :Jul 14, 2026

CompTIA CAS-005 Online Questions & Answers

  • Question 1:

    DRAG DROP

    IT staff within a company often conduct remote desktop sharing sessions with vendors to troubleshoot vendor product-related issues. Drag and drop the following security controls to match the associated security concern.

    Options may be used once or not at all.

    Select and Place:

  • Question 2:

    Due to locality and budget constraints, an organization's satellite office has a lower bandwidth allocation than other offices. As a result, the local security infrastructure staff is assessing architectural options that will help preserve network bandwidth and increase speed to both internal and external resources while not sacrificing threat visibility.

    Which of the following would be the best option to implement?

    A. Distributed connection allocation
    B. Local caching
    C. Content delivery network
    D. SD-WAN vertical heterogeneity

  • Question 3:

    A senior security engineer flags the following log file snippet as having likely facilitated an attacker's lateral movement in a recent breach:

    Which of the following solutions, if implemented, would mitigate the risk of this issue reoccurring?

    A. Disabling DNS zone transfers
    B. Restricting DNS traffic to UDP/53
    C. Implementing DNS masking on internal servers
    D. Permitting only clients from internal networks to query DNS

  • Question 4:

    A commercial OSINT provider utilizes and reviews data from various sources of publicly available information. The provider is transitioning the subscription service to a model that limit's the scope of available data based on subscription tier.

    Which of the following approaches would best ensure subscribers are only granted access to data associated with their tier? (Choose two.)

    A. Storing collected data on separate physical media per tier
    B. Controlling access to data based on the role of users
    C. Employing attribute-based access control
    D. Implementing a behavior-based IDS positioned at the storage network gateway
    E. Establishing a classification and labeling scheme
    F. Implementing a mandatory access control scheme

  • Question 5:

    A penetration tester is drafting a report of findings and recommendations. Multiple EOL biomedical devices were compromised using a combination of known-exploit payloads for CVEs and VLAN hopping. The tester acknowledges that the systems cannot be changed or replaced in the hospital due to regulatory, safety, and cost reasons.

    Which of the following are the most effective controls for this scenario? (Select two).

    A. Deploying an IDS with active response for threat activities from a network tap
    B. Implementing QoS that limits the throughput of the link speeds from some VLANs
    C. Limiting trunking protocols to specific uplink ports of access switches
    D. Adding a proxy and requiring medical staff to authenticate every connection
    E. Inserting an in-line IPS between network segments of the affected hosts
    F. Performing security awareness training for these device users

  • Question 6:

    Before launching a new web application, an organization would like to perform security testing.

    Which of the following resources should the organization use to determine the objectives for the test?

    A. CASB
    B. SOAR
    C. OWASP
    D. ISAC

  • Question 7:

    A company that relies on an COL system must keep it operating until a new solution is available.

    Which of the following is the most secure way to meet this goal?

    A. Isolating the system and enforcing firewall rules to allow access to only required endpoints
    B. Enforcing strong credentials and improving monitoring capabilities
    C. Restricting system access to perform necessary maintenance by the IT team
    D. Placing the system in a screened subnet and blocking access from internal resources

  • Question 8:

    The Chief Information Security Officer (CISO) reviews some reports indicating that the length of time to patch endpoints with vulnerabilities has been steadily increasing. Many endpoints are missing security agents, and the number of unapproved BYOD endpoints has increased.

    Which of the following would be best to address the CISO ' s security concerns?

    A. Using an Always On VPN for remote staff to receive patches faster
    B. Implementing Conditional Access with device certifications and compliance requirements
    C. Writing a formal BYOD policy to enforce application containerization and receive board approval
    D. Using compliance baselines in the MDM to ensure all endpoints receive the required agents

  • Question 9:

    An ISAC supplied recent threat intelligence information about pictures used on social media that provide reconnaissance of systems in use in secure facilities. In response, the Chief Information Security Officer (CISO) wants several configuration changes implemented via the MDM to ensure the following: Camera functions and location services are blocked for corporate mobile devices.

    All social media is blocked on the corporate and guest wireless networks.

    Which of the following is the CISO practicing to safeguard against the threat?

    A. Adversary emulation
    B. Operational security
    C. Open-source intelligence
    D. Social engineering

  • Question 10:

    An organization recently acquired another company that is running a different EDR solution. A SOC analyst wants to automate the isolation of endpoints that are found to be compromised.

    Which of the following workflows best mitigates the risk of false positives and reduces the spread of malicious code?

    A. Using a SOAR solution to look up entities via a TIP platform and isolate endpoints via APIs
    B. Setting a policy on each EDR management console to isolate all endpoints that trigger any alerts
    C. Reviewing all alerts manually in the various portals and taking action to isolate them
    D. Automating the suppression of all alerts that are not critical and sending an email asking SOC analysts to review these alerts

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-005 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.