최신 CAS-005 무료덤프 - CompTIA SecurityX Certification

문제1

An attacker infiltrated the code base of a hardware manufacturer and inserted malware before the code was compiled. The malicious code is now running at the hardware level across a number of industries and sectors.
Which of the following categories best describes this type of vendor risk?

A. Supply chain attack

B. SDLC attack

C. Side-load attack

D. Remote code signing

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제2

A systems engineer is configuring SSO for a business that will be using SaaS applications for its remote-only workforce. Privileged actions in SaaS applications must be allowed only from corporate mobile devices that meet minimum security requirements, but BYOD must also be permitted for other activity. Which of the following would best meet this objective?

A. Deploy application protection policies using a corporate, cloud-based MDM solution.

B. Install machine certificates on corporate devices and perform checks against the clients.

C. Configure device attestations and continuous authorization controls.

D. Block any connections from outside the business's network security boundary.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제3

An organization is implementing advanced security controls associated with the execution of software applications on corporate endpoints. The organization must implement a deny-all, permit-by-exception approach to software authorization for all systems regardless of OS. Which of the following should be implemented to meet these requirements?

A. Atomic execution

B. XDR

C. Block list

D. MDM

E. SELinux

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제4

Employees use their badges to track the number of hours they work. The badge readers cannot be upgraded due to facility constraints. The software for the badge readers uses a legacy platform and requires connectivity to the enterprise resource planning solution. Which of the following is the best to ensure the security of the badge readers?

A. Vulnerability scans

B. Segmentation

C. Anti-malware

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제5

A security officer performs due diligence activities before implementing a third-party solution into the enterprise environment. The security officer needs evidence from the third party that a data subject access request handling process is in place. Which of the following is the security officer most likely seeking to maintain compliance?

A. Certification requirements

B. Reporting frameworks

C. Information security standards

D. E-discovery requirements

E. Privacy regulations

정답: E

설명: (DumpTOP 회원만 볼 수 있음)

문제6

A user submits a help desk ticket stating then account does not authenticatesometimes. An analyst reviews the following logs for the user:
Which of the following best explains the reason the user's access is being denied?

A. Invalid user-to-device bindings

B. Account compromise

C. incorrectly typed password

D. Time-based access restrictions

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제7

A user reports application access issues to the help desk. The help desk reviews the logs for the user

Which of the following is most likely The reason for the issue?

A. The user did not attempt to connect from an approved subnet

B. A threat actor has compromised the user's account and attempted to lop, m

C. The userinadvertently tripped the impossible travel security rule in the SSO system.

D. The user is not allowed to access the human resources system outside of business hours

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제8

A company finds logs with modified time stamps when compared to other systems. The security team decides to improve logging and auditing for incident response. Which of the following should the team do to best accomplish this goal?

A. Integrate a file-monitoring tool with the SIEM.

B. Change the log solution and integrate it with the existing SIEM.

C. Rotate and back up logs every 24 hours, encrypting the backups.

D. Implement a central logging server, allowing only log ingestion.

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제9

Users are willing passwords on paper because of the number of passwords needed in an environment. Which of the following solutions is the best way to manage this situation and decrease risks?

A. Requiring users to use an open-source password manager

B. implementing an SSO solution and integrating with applications

C. Implementing an MFA solution to avoid reliance only on passwords

D. Increasing password complexity to require 31 least 16 characters

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제10

A security analyst received a report that an internal web page is down after a company-wide update to the web browser Given the following error message:

Which of the following is the best way to fix this issue?

A. Rewriting any legacy web functions

B. Disabling all deprecated ciphers

C. Discontinuing the use of self-signed certificates

D. Blocking all non-essential pons

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제11

A company that uses containers to run its applications is required to identify vulnerabilities on every container image in a private repository The security team needs to be able to quickly evaluate whether to respond to a given vulnerability Which of the following, will allow the security team to achieve the objective with the last effort?

A. Credentialed vulnerability scan

B. Centralized SBoM

C. CIS benchmark compliance reports

D. SAST scan reports

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제12

An organization is implementing Zero Trust architecture A systems administrator must increase the effectiveness of the organization's context-aware access system. Which of the following is the best way to improve the effectiveness of the system?

A. Always-on VPN

B. Secure zone architecture

C. Accurate asset inventory

D. Microsegmentation

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제13

A security review revealed that not all of the client proxy traffic is being captured. Which of the following architectural changes best enables the capture of traffic for analysis?

A. Setting up a reverse proxy for client logging at the gateway

B. Adding an additional proxy server to each segmented VLAN

C. Configuring a span port on the perimeter firewall to ingest logs

D. Enabling client device logging and system event auditing

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제14

A security analyst received anotification from a cloud service provider regarding an attack detected on a web server The cloud service provider shared the following information about the attack:
* The attack came from inside the network.
* The attacking source IP was from the internal vulnerability scanners.
* The scanner is not configured to target the cloud servers.
Which of the following actions should the security analyst take first?

A. Set network behavior analysis rules

B. Configure the scan policy to avoid targeting an out-of-scope host

C. Create an allow list for the vulnerability scanner IPs m order to avoid false positives

D. Quarantine the scanner sensor to perform a forensic analysis

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제15

An organization determines existing business continuity practices areinadequateto support critical internal process dependencies during a contingency event. Acompliance analystwants the Chief Information Officer (CIO) to identify the level ofresidual riskthat is acceptable to guide remediation activities. Which of the following does the CIO need to clarify?

A. Mitigation

B. Impact

C. Appetite

D. Likelihood

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

최신 CAS-005 무료덤프 - CompTIA SecurityX Certification

우리와 연락하기

유용한 링크

최신 업데이트