Cisco®
Oracle
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
Microsoft
VMware
Avaya
SAP
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
All Vendors
  2. Home
  3. Exams
  4. CompTIA
  5. CAS-005

Free CompTIA CAS-005 Exam Questions (page: 38)

Page 14 of 72
PDF with 352 Questions

A security technician is trying to connect a remote site to the central office over a site-to-site VPN. The technician has verified the source and destination IP addresses are correct, but the technician is unable to get the remote site to connect. The following error message keeps repeating:

An error has occurred during Phase 1 handshake. Deleting keys and retrying...

Which of the following is most likely the reason the connection is failing?

  1. The IKE hashing algorithm uses different key lengths on each VPN device.
  2. The IPSec settings allow more than one cipher suite on both devices.
  3. The Diffie-Hellman group on both sides matches but is a legacy group.
  4. The remote VPN is attempting to connect with a protocol other than SSL/TLS.

Answer(s): A

Explanation:

The error message "An error has occurred during Phase 1 handshake. Deleting keys and retrying..." indicates an issue during the IKE (Internet Key Exchange) Phase 1 handshake. One common cause for failure at this stage is a mismatch in the hashing algorithm or key length used on both devices. If the IKE hashing algorithm or key lengths differ between the two devices, they will not be able to establish a secure connection.



A security analyst received the following finding from a cloud security assessment tool:

Virtual Machine Data Disk is encrypted with the default encryption key.

Because the organization hosts highly sensitive data files, regulations dictate it must be encrypted so It is unreadable to the CSP.
Which of the following should be implemented to remediate the finding and meet the regulatory requirement? (Choose two.)

  1. Disk encryption with customer-provided keys
  2. Disk encryption with keys from a third party
  3. Row-level encryption with a key escrow
  4. File-level encryption with cloud vendor-provided keys
  5. File-level encryption with customer-provided keys
  6. Disk-level encryption with a cross-signed certificate

Answer(s): A,E

Explanation:

To meet the regulatory requirement of ensuring that the data is unreadable to the cloud service provider (CSP), the best approach is to use customer-provided keys for encryption. This ensures that only the customer (organization) holds the keys to access the encrypted data, not the CSP.
Disk encryption with customer-provided keys: This ensures the encryption key for the virtual machine's data disk is managed by the customer, preventing the CSP from having access to the data.
File-level encryption with customer-provided keys: If data needs to be encrypted at the file level, customer- provided keys can be used to ensure that the organization retains control over the encryption and decryption process.



A security analyst discovers a new device on the company's dedicated IoT subnet during the most recent vulnerability scan. The scan results show numerous open ports and insecure protocols in addition to default usernames and passwords. A camera needs to transmit video to the security server in the IoT subnet.
Which of the following should the security analyst recommend to securely operate the camera?

  1. Harden the camera configuration.
  2. Send camera logs to the SIEM.
  3. Encrypt the camera's video stream.
  4. Place the camera on an isolated segment.

Answer(s): A

Explanation:

Harden the camera configuration by changing default usernames and passwords, disabling unnecessary open ports, and ensuring that secure protocols (such as HTTPS, SSH, or others) are used instead of insecure ones (like HTTP or Telnet). This is a critical step in securing IoT devices and protecting them from being exploited.
Since the camera is part of the IoT subnet and has been identified with vulnerabilities such as default credentials and open ports, hardening the configuration is the most direct and effective solution to secure its operation.



The Chief Information Security Officer of a large multinational organization has asked the security risk manager to use risk scenarios during a risk analysis.
Which of the following is the most likely reason for this approach?

  1. To connect risks to business objectives
  2. To ensure a consistent approach to risk
  3. To present a comprehensive view of risk
  4. To provide context to the relevancy of risk

Answer(s): D

Explanation:

Using risk scenarios helps to provide context to the relevancy of risk by illustrating how specific risks could affect the organization. This approach helps stakeholders understand the potential impact of risks in real-world terms, making it easier to prioritize actions based on the likelihood and consequences of each scenario. It also helps decision-makers better assess the practical implications of different risks on business operations.



A security engineer would like to control configurations on mobile devices while fulfilling the following requirements:
Support and control Apple and Android devices.

The device must be corporate-owned.

Which of the following would enable the engineer to meet these requirements? (Choose two.)

  1. Create a group policy to lock down mobile devices.
  2. Update verbiage in the acceptable use policy for the internet.
  3. Implement an MDM solution.
  4. Implement a captive portal solution.
  5. Update policy to prohibit the use of BYOD devices.
  6. Implement a RADIUS solution.

Answer(s): C,E

Explanation:

Implement an MDM solution (Mobile Device Management): An MDM solution is specifically designed to manage, monitor, and secure mobile devices. It allows organizations to enforce configuration policies, enforce encryption, restrict apps, and control access to corporate resources on both Apple and Android devices. This solution directly meets the requirement to support and control corporate-owned devices.
Update policy to prohibit the use of BYOD devices: By prohibiting the use of Bring Your Own Device (BYOD) devices, the organization ensures that only corporate-owned devices are used, fulfilling the requirement that the devices must be corporate-owned. This policy helps maintain control over the mobile devices within the organization's environment.



Viewing page 38 of 72



Post your Comments and Discuss CompTIA CAS-005 exam prep with other Community members:

CAS-005 Exam Discussions & Posts