CAS-005 Exam Details

  • Exam Code
    :CAS-005
  • Exam Name
    :CompTIA SecurityX
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :430 Q&As
  • Last Updated
    :Jul 14, 2026

CompTIA CAS-005 Online Questions & Answers

  • Question 411:

    An organization decides to move to a distributed workforce model. Several legacy systems exist on premises and cannot be migrated because of existing compliance requirements. However, all new systems are required to be cloud-based.

    Which of the following would best ensure network access security?

    A. Utilizing a VPN for all users who require legacy system access
    B. Shifting all legacy systems to the existing public cloud infrastructure
    C. Configuring an SDN to block malicious traffic to on-premises networks
    D. Deploying microsegmentation with a firewall acting as the core router

  • Question 412:

    A company is having issues with its vulnerability management program New devices/lPs are added and dropped regularly, making the vulnerability report inconsistent.

    Which of the following actions should the company lake to most likely improve the vulnerability management process?

    A. Request a weekly report with all new assets deployed and decommissioned.
    B. Extend the DHCP lease lime to allow the devices to remain with the same address for a longer period.
    C. Implement a shadow IT detection process to avoid rogue devices on the network.
    D. Perform regular discovery scanning throughout the 11 landscape using the vulnerability management tool.

  • Question 413:

    A software vendor provides routine functionality and security updates to its global customer base. The vendor would like to ensure distributed updates are authorized, originate from only the company, and have not been modified by others.

    Which of the following solutions best supports these objectives?

    A. Envelope encryption
    B. File integrity monitoring
    C. Application control
    D. Code signing

  • Question 414:

    A user tried to access a web page at http://10.1.1.1.Previouslythewebpagedidnotrequireauthentication,andnowthebrowserispromptingforcredentials.Whichofthefollowingactionswouldbestpreventtheissuefromreoccurringandreducethelikelihoodofcredentialexposure?

    A. Implementing 802.1x EAP-TTLS on access points to reduce the risk of evil twins.
    B. Transitioning internal services to use DNS security.
    C. Modifying web server configuration and utilizing X509 certificates for authentication.
    D. Installing new rules for the IDS to detect impersonation attacks.

  • Question 415:

    A company was recently infected by malware. During the root cause analysis, the company determined that several users were installing their own applications. To prevent further compromises, the company has decided it will only allow authorized applications to run on its systems.

    Which of the following should the company implement?

    A. Signing
    B. Access control
    C. HIPS
    D. Permit listing

  • Question 416:

    A security analyst is participating in a risk assessment and is helping to calculate the exposure factor associated with various systems and processes within the organization.

    Which of the following resources would be most useful to calculate the exposure factor in this scenario?

    A. Gap analysis
    B. Business impact analysis
    C. Risk register
    D. Information security policy
    E. Lessons learned

  • Question 417:

    A company wants to improve and automate the compliance of its cloud environments to meet industry standards.

    Which of the following resources should the company use to best achieve this goal?

    A. Jenkins
    B. Python
    C. Ansible
    D. PowerShell

  • Question 418:

    Which of the following tests explains why AI output could be inaccurate?

    A. Model poisoning
    B. Social engineering
    C. Output handling
    D. Prompt injections

  • Question 419:

    A company isolated its OT systems from other areas of the corporate network. These systems are required to report usage information over the internet to the vendor.

    Which of the following best reduces the risk of compromise or sabotage? (Select two).

    A. Implementing allow lists
    B. Monitoring network behavior
    C. Encrypting data at rest
    D. Performing boot Integrity checks
    E. Executing daily health checks
    F. Implementing a site-to-site IPSec VPN

  • Question 420:

    A healthcare system recently suffered from a ransomware incident. As a result, the board of directors decided to hire a security consultant to improve existing network security. The security consultant found that the healthcare network was completely flat, had no privileged access limits, and had open RDP access to servers with personal health information.

    As the consultant builds the remediation plan, which of the following solutions would best solve these challenges? (Select three).

    A. SD-WAN
    B. PAM
    C. Remote access VPN
    D. MFA
    E. Network segmentation
    F. BGP
    G. NAC

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-005 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.