최신 CAS-005 무료덤프 - CompTIA SecurityX Certification

문제1

A security engineer wants to stay up-to-date on new detections that are released on a regular basis. The engineer's organization uses multiple tools rather than one specific vendor security stack. Which of the following rule-based languages is the most appropriate to use as a baseline for detection rules with the multiple security tool setup?

A. Sigma

B. Snort

C. YARA

D. Rita

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제2

An external threat actor attacks public infrastructure providers. In response to the attack and during follow-up activities, various providers share information obtained during response efforts. After the attack, energy sector companies share their status and response data:
Company
SIEM
UEBA
DLP
ISAC Member
TIP Integration
Time to Detect
Time to Respond
1
Yes
No
Yes
Yes
Yes
10 minutes
20 minutes
2
Yes
Yes
Yes
Yes
No
20 minutes
40 minutes
3
Yes
Yes
No
No
Yes
12 minutes
24 minutes
Which of thefollowing is the most important issue to address to defend against future attacks?

A. Failure to implement a DLP system

B. Failure to implement a UEBA system

C. Failure to join the industry ISAC

D. Failure to integrate with the TIP

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제3

After an incident response exercise, a security administrator reviews the following table:

Which of the following should the administrator do to beat support rapid incident response in the future?

A. Automate alerting to IT support for phone system outages.

B. Configure automated Isolation of human resources systems

C. Enable dashboards for service status monitoring

D. Send emails for failed log-In attempts on the public website

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제4

An organization wants to manage specialized endpoints and needs a solution that provides the ability to
* Centrally manage configurations
* Push policies.
* Remotely wipe devices
* Maintain asset inventory
Which of the following should the organization do to best meet these requirements?

A. Configure contextual policy management

B. Implement a mobile device management solution.

C. Deploy a software asset manager

D. Use a configuration management database

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제5

A security engineer is developing a solution to meet the following requirements?
* All endpoints should be able to establish telemetry with a SIEM.
* All endpoints should be able to be integrated into the XDR platform.
* SOC services should be able to monitor the XDR platform
Which of the following should the security engineer implement to meet the requirements?

A. HIDS and vTPM

B. HIPS and host-based firewall

C. WAF and syslog

D. CDR and central logging

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제6

A central bank implements strict risk mitigations for the hardware supply chain, including an allow list for specific countries of origin. Which of the following best describes the cyberthreat to the bank?

A. Ability to obtain components during wartime

B. Physical Implants and tampering

C. Fragility and other availability attacks

D. Non-conformance to accepted manufacturing standards

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제7

An external SaaS solution user reports a bug associated with the role-based access control module. This bug allows users to bypass system logic associated with client segmentation in the multitenant deployment model. When assessing the bug report, the developer finds that the same bug was previously identified and addressed in an earlier release. The developer then determines the bug was reintroduced when an existing software component was integrated from a prior version of the platform. Which of the following is the best way to prevent this scenario?

A. Regression testing

B. Software composition analysis

C. Automated test and retest

D. User acceptance testing

E. Code signing

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제8

During a forensic review of a cybersecurity incident, a security engineer collected a portion of the payload used by an attacker on a comprised web server Given the following portion of the code:

Which of the following best describes this incident?

A. XSRF attack

B. Stored XSS

C. SQL injection

D. Command injection

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제9

A user reports application access issues to the help desk. The help desk reviews the logs for the user:

Which of the following is most likely the reason for the issue?

A. The user inadvertently tripped the geoblock rule in NGFW.

B. The user is not allowed to access the human resources system outside of business hours.

C. A threat actor has compromised the user's account and attempted to log in.

D. The user did not attempt to connect from an approved subnet.

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제10

Which of the following best describes the reason a network architect would enable forward secrecy on all VPN tunnels?

A. This process is a requirement to enable hardware-accelerated cryptography.

B. Modern cryptographic protocols list this process as a prerequisite for use.

C. This process reduces the success of attackers performing cryptanalysis.

D. The business requirements state that confidentiality is a critical success factor.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제11

A news organization wants to implement workflows that allow users to request that untruthful data be retraced and scrubbed from online publications to comply with the right to be forgotten Which of the following regulations is the organization most likely trying to address'

A. COPPA

B. CCPA

C. DORA

D. GDPR

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제12

While reviewing recent modem reports, a security officer discovers that several employees were contacted by the same individual who impersonated a recruiter. Which of the following best describes this type of correlation?

A. Red team assessment

B. Attack pattern analysis

C. Spear-phishing campaign

D. Threat modeling

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제13

A company is preparing to move a new version of a web application to production. No issues were reported during security scanning or quality assurance in the CI/CD pipeline. Which of the following actions should thecompany take next?

A. Merge the test branch to the main branch

B. Perform a peer review on the test branch

C. Conduct unit testing on the submitted code

D. Perform threat modeling on the production application

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제14

A security administrator needs to automate alerting. The server generates structured log files that need to be parsed to determine whether an alarm has been triggered Given the following code function:

Which of the following is most likely the log input that the code will parse?

A.

B.

C.

D.

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제15

A company migrating to aremote work model requires that company-owned devices connect to a VPN before logging in to the device itself. The VPN gateway requires that a specific key extension is deployed to the machine certificates in the internal PKI. Which of the following best explains this requirement?

A. The internal PKI certificate deployment allows for Wi-Fi connectivity before logging in to other systems.

B. The certificate is an additional factor to meet regulatory MFA requirements for VPN access.

C. The VPN client selected the certificate with the correct key usage without user interaction.

D. The server connection uses SSL VPN, which uses certificates for secure communication.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제16

A security operations engineer needs to prevent inadvertent data disclosure when encrypted SSDs are reused within an enterprise. Which of the following is the most secure way to achieve this goal?

A. Securely deleting the encryption keys used by the SSD

B. Executing a script that deletes and overwrites all data on the SSD three times

C. Writing non-zero, random data to all cells of the SSD

D. Wiping the SSD through degaussing

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제17

A compliance officer is reviewing the data sovereignty laws in several countries where the organization has no presence Which of the following is the most likely reason for reviewing these laws?

A. The organization is concerned with new regulatory enforcement in other countries

B. The organization is performing due diligence of potential tax issues.

C. The organization has suffered brand reputation damage from incorrect media coverage

D. The organization has been subject to legal proceedings in countries where it has a presence.

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제18

A global manufacturing company has an internal application mat is critical to making products This application cannot be updated and must Beavailable in the production area A security architect is implementing security for the application. Which of the following best describes the action the architect should take-?

A. Disallow wireless access to the application.

B. Deploy Intrusion detection capabilities using a network tap

C. Create a separate network for users who need access to the application

D. Create an acceptable use policy for the use of the application

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제19

A financial technology firm works collaboratively with business partners in the industry to share threat intelligence within a central platform This collaboration gives partner organizations the ability to obtain and share data associated with emerging threats from a variety of adversaries Which of the following should the organization most likely leverage to facilitate this activity? (Select two).

A. CWPP

B. STIX

C. JTAG

D. YAKA

E. ATTACK

F. TAXII

정답: B,F

설명: (DumpTOP 회원만 볼 수 있음)

최신 CAS-005 무료덤프 - CompTIA SecurityX Certification

우리와 연락하기

유용한 링크

최신 업데이트