Free Preparation Discussions
MENU
CompTIA CAS-005 Exam Questions
- Topic 1: Governance, Risk, and Compliance: This section of the exam measures the skills of CompTIA security architects that cover the implementation of governance components based on organizational security requirements, including developing policies, procedures, and standards. Candidates will learn about managing security programs, including awareness training on phishing and social engineering.
- Topic 2: Security Architecture: This domain focuses on analyzing requirements to design resilient systems, including the configuration of firewalls and intrusion detection systems.
- Topic 3: Security Engineering: This section measures the skills of CompTIA security architects that involve troubleshooting common issues related to identity and access management (IAM) components within an enterprise environment. Candidates will analyze requirements to enhance endpoint and server security while implementing hardware security technologies. This domain also emphasizes the importance of advanced cryptographic concepts in securing systems.
- Topic 4: Security Operations: This domain is designed for CompTIA security architects and covers analyzing data to support monitoring and response activities, as well as assessing vulnerabilities and recommending solutions to reduce attack surfaces. Candidates will apply threat-hunting techniques and utilize threat intelligence concepts to enhance operational security.
Free CompTIA CAS-005 Exam Actual Questions
Note: Premium Questions for CAS-005 were last updated On Mar. 10, 2025 (see below)
A developer makes a small change to a resource allocation module on a popular social media website and causes a memory leak. During a peak utilization period, several web servers crash, causing the website to go offline. Which of the following testing techniques is the most efficient way to prevent this from reoccurring?
Comprehensive and Detailed Step-by-Step
Regression testing ensures that new changes do not break existing functionality. It would have identified the memory leak before deployment, preventing downtime.
Which of the following key management practices ensures that an encryption key is maintained within the organization?
Comprehensive and Detailed Step by Step
Understanding the Scenario: The question is about ensuring that an organization retains control over its encryption keys. It focuses on different key storage and management methods.
Analyzing the Answer Choices:
A . Encrypting using a key stored in an on-premises hardware security module (HSM): This is the best option for maintaining complete control over encryption keys. An HSM is a dedicated, tamper-resistant hardware device specifically designed for secure key storage and cryptographic operations. Storing keys on-premises within an HSM ensures the organization has exclusive access.
B . Encrypting using server-side encryption capabilities provided by the cloud provider: With server-side encryption, the cloud provider typically manages the encryption keys. This means the organization is relinquishing some control over the keys.
C . Encrypting using encryption and key storage systems provided by the cloud provider: Similar to option B, using cloud-provider-managed key storage systems means the organization doesn't have full, exclusive control over the keys.
D . Encrypting using a key escrow process for storage of the encryption key: Key escrow involves entrusting a third party with a copy of the encryption key. This introduces a potential security risk, as the organization no longer has sole control over the key. Also, the key is not maintained within the organization.
Why A is the Correct Answer:
Control: On-premises HSMs provide the highest level of control over encryption keys. The organization has physical and logical control over the HSM and the keys stored within it.
Security: HSMs are designed to be tamper-resistant and protect keys from unauthorized access, even if the surrounding systems are compromised.
Compliance: In some industries, regulatory requirements may mandate that organizations maintain direct control over their encryption keys. On-premises HSMs can help meet these requirements.
CASP+ Relevance: HSMs, key management, and data encryption are fundamental topics in CASP+. The exam emphasizes understanding the security implications of different key management approaches.
Elaboration on Key Management Principles:
Key Lifecycle Management: Proper key management involves managing the entire lifecycle of a key, from generation and storage to rotation and destruction.
Separation of Duties: It's generally a good practice to separate the roles of key management and data encryption to enhance security.
Access Control: Strict access controls should be in place to limit who can access and use encryption keys.
In conclusion, using an on-premises HSM for key storage is the best way to ensure that an organization maintains control over its encryption keys. It provides the highest level of security and control, aligning with best practices in cryptography and key management as emphasized in the CASP+ exam objectives.
Which of the following is the security engineer most likely doing?
In the given scenario, the security engineer is likely examining login activities and their associated geolocations. This type of analysis is aimed at identifying unusual login patterns that might indicate an impossible travel scenario. An impossible travel scenario is when a single user account logs in from geographically distant locations in a short time, which is physically impossible. By assessing login activities using geolocation, the engineer can tune alerts to identify and respond to potential security breaches more effectively.
A user reports application access issues to the help desk. The help desk reviews the logs for the user
Which of the following is most likely The reason for the issue?
Based on the provided logs, the user has accessed various applications from different geographic locations within a very short timeframe. This pattern is indicative of the 'impossible travel' security rule, a common feature in Single Sign-On (SSO) systems designed to detect and prevent fraudulent access attempts.
Analysis of Logs:
At 8:47 p.m., the user accessed a VPN from Toronto.
At 8:48 p.m., the user accessed email from Los Angeles.
At 8:48 p.m., the user accessed the human resources system from Los Angeles.
At 8:49 p.m., the user accessed email again from Los Angeles.
At 8:52 p.m., the user attempted to access the human resources system from Toronto, which was denied.
These rapid changes in location are physically impossible and typically trigger security measures to prevent unauthorized access. The SSO system detected these inconsistencies and likely flagged the activity as suspicious, resulting in access denial.
CompTIA SecurityX Study Guide
NIST Special Publication 800-63B, 'Digital Identity Guidelines'
'Impossible Travel Detection,' Microsoft Documentation
Which of the following is the security engineer most likely doing?
In the given scenario, the security engineer is likely examining login activities and their associated geolocations. This type of analysis is aimed at identifying unusual login patterns that might indicate an impossible travel scenario. An impossible travel scenario is when a single user account logs in from geographically distant locations in a short time, which is physically impossible. By assessing login activities using geolocation, the engineer can tune alerts to identify and respond to potential security breaches more effectively.
- Select Question Types you want
- Set your Desired Pass Percentage
- Allocate Time (Hours : Minutes)
- Create Multiple Practice tests with Limited Questions
- Customer Support
Jacqueline
30 days agoMaryann
2 months agoNobuko
2 months agoOzell
2 months agoSanda
3 months agoViola
3 months agoPortia
4 months agoKristel
4 months agoBrandon
4 months agoLouvenia
4 months ago