CAS-005 Exam Details

  • Exam Code
    :CAS-005
  • Exam Name
    :CompTIA SecurityX
  • Certification
    :CompTIA Certifications
  • Vendor
    :CompTIA
  • Total Questions
    :430 Q&As
  • Last Updated
    :Jul 14, 2026

CompTIA CAS-005 Online Questions & Answers

  • Question 421:

    A company has data it would like to aggregate from its PLCs for data visualization and predictive maintenance purposes.

    Which of the following is the most likely destination for the tag data from the PLCs?

    A. External drive
    B. Cloud storage
    C. System aggregator
    D. Local historian

  • Question 422:

    A company's internal network is experiencing a security breach, and the threat actor is still active. Due to business requirements, users in this environment are allowed to utilize multiple machines at the same time.

    Given the following log snippet:

    Which of the following accounts should a security analyst disable to best contain the incident without impacting valid users?

    A. user-a
    B. user-b
    C. user-c
    D. user-d

  • Question 423:

    After a company discovered a zero-day vulnerability in its VPN solution, the company plans to deploy cloud-hosted resources to replace its current on-premises systems. An engineer must find an appropriate solution to facilitate trusted connectivity.

    Which of the following capabilities is the most relevant?

    A. Container orchestration
    B. Microsegmentation
    C. Conditional access
    D. Secure access service edge

  • Question 424:

    A recent batch of bug bounty findings indicates a systematic issue related to directory traversal. A security engineer needs to prevent flawed code from being deployed into production.

    Which of the following is the best mitigation strategy for the engineer?

    A. Setting up secure development training with a focus on filesystem access issues
    B. Implementing static code analysis testing into the CI/CD pipeline and blocking based on findings
    C. Using a software composition analysis tool to look for directory traversal issues in the application
    D. Developing a secure library for filesystem access and blocking builds that do not use the library
    E. Leveraging a dynamic application security testing tool to uncover issues related to directory traversal

  • Question 425:

    Which of the following most likely explains the reason a security engineer replaced ECC with a lattice-based cryptographic technique?

    A. It is computationally efficient and provides perfect forward secrecy.
    B. It is more resilient to brute-force attacks than ECC.
    C. It supports ephemeral key exchange and digital signatures.
    D. It is currently considered a robust PQC technique.
    E. It enables processing on data while remaining in an encrypted state.

  • Question 426:

    A company finds logs with modified time stamps when compared to other systems. The security team decides to improve logging and auditing for incident response.

    Which of the following should the team do to best accomplish this goal?

    A. Integrate a file-monitoring tool with the SIEM.
    B. Change the log solution and integrate it with the existing SIEM.
    C. Implement a central logging server, allowing only log ingestion.
    D. Rotate and back up logs every 24 hours, encrypting the backups.

  • Question 427:

    A security administrator is performing a gap assessment against a specific OS benchmark.

    The benchmark requires the following configurations be applied to endpoints:

    1. Full disk encryption

    2. Host-based firewall

    3. Time synchronization

    4. Password policies

    5. Application allow listing

    6. Zero Trust application access

    Which of the following solutions best addresses the requirements? (Select two).

    A. CASB
    B. SBoM
    C. SCAP
    D. SASE
    E. HIDS

  • Question 428:

    A security engineer is assisting a DevOps team that has the following requirements for container images:

    1. Ensure container images are hashed and use version controls.

    2. Ensure container images are up to date and scanned for vulnerabilities.

    Which of the following should the security engineer do to meet these requirements?

    A. Enable clusters on the container image and configure the mesh with ACLs.
    B. Enable new security and quality checks within a CI/CD pipeline.
    C. Enable audits on the container image and monitor for configuration changes.
    D. Enable pulling of the container image from the vendor repository and deploy directly to operations.

  • Question 429:

    The material finding from a recent compliance audit indicate a company has an issue with excessive permissions. The findings show that employees changing roles or departments results in privilege creep.

    Which of the following solutions are the best ways to mitigate this issue? (Select two).

    A. Setting different access controls defined by business area
    B. Implementing a role-based access policy
    C. Designing a least-needed privilege policy
    D. Establishing a mandatory vacation policy
    E. Performing periodic access reviews
    F. Requiring periodic job rotation

  • Question 430:

    Which of the following best describes the challengesassociated with widespread adoption of homomorphic encryption techniques?

    A. Incomplete mathematical primitives
    B. No use cases to drive adoption
    C. Quantum computers not yet capable
    D. Insufficient coprocessor support

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-005 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.