Free CompTIA CAS-005 Exam Questions (page: 6)

An internal user can send encrypted emails successfully to all recipients except one at an external organization.
When the internal user attempts to send encrypted emails to this external recipient, a security error message appears. The issue does not affect unencrypted emails. The external recipient can send encrypted emails to internal users.
Which of the following is the most likely cause of the issue?

  1. The validity dates of the external recipient's private key do not match the SSH keys with which the internal user is accessing the system.
  2. The external recipient has an expired public/private key pair that has not been revoked by the CA.
  3. The internal user's company email servers have an incorrect implementation of OCSP and CRL settings.
  4. The external recipient's email address and the email address associated with the external recipient's public key are mismatched.

Answer(s): D

Explanation:

With S/MIME (or any PKI-based email encryption), the sender's mail client encrypts to the recipient's public key, which it locates by matching the recipient's address against the email address bound to the recipient's certificate (the rfc822Name in the certificate's subjectAltName). If the address on the certificate differs from the address the message is sent to, the client finds no usable certificate for that recipient and refuses to encrypt, which surfaces as a security error. Unencrypted mail is unaffected because no certificate lookup takes place, and inbound encrypted mail still works because the external sender encrypts to the internal user's certificate, not their own.
Because the failure is confined to one recipient while every other recipient works, a per-recipient binding problem is the most likely cause. An expired key pair (B) would normally produce a clear expiry warning and would also break the recipient's own signed or encrypted mail, and a broken OCSP/CRL configuration on the internal servers (C) would affect many recipients rather than exactly one.
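The lookup described above, as an added example that is not part of the original page: it builds a self-signed test certificate bound to one address and then runs the selection an S/MIME client performs before encrypting. The certificate, the addresses and the domain partner.example are constructed for the example; it requires the third-party cryptography package.

```python
"""Recipient certificate selection as an S/MIME client performs it (added example).

Constructed scenario: a self-signed certificate carries jane@partner.example in its
subjectAltName, while the sender addresses the mail to jane.doe@partner.example.
Encryption must refuse, which is the error in the question. Requires 'cryptography'.
"""
import datetime

from cryptography import x509
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.x509.oid import NameOID

UTC = datetime.timezone.utc


def make_smime_cert(san_email, valid_from_days_ago=1, valid_for_days=365):
    """Build a self-signed end-entity certificate bound to san_email (test fixture only)."""
    key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    name = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, "Jane Doe")])
    not_before = datetime.datetime.now(UTC) - datetime.timedelta(days=valid_from_days_ago)
    return (
        x509.CertificateBuilder()
        .subject_name(name)
        .issuer_name(name)
        .public_key(key.public_key())
        .serial_number(x509.random_serial_number())
        .not_valid_before(not_before)
        .not_valid_after(not_before + datetime.timedelta(days=valid_for_days))
        .add_extension(x509.SubjectAlternativeName([x509.RFC822Name(san_email)]), critical=False)
        .sign(key, hashes.SHA256())
    )


def cert_emails(cert):
    """Every rfc822Name in subjectAltName: the place S/MIME binds an address to a certificate."""
    try:
        san = cert.extensions.get_extension_for_class(x509.SubjectAlternativeName).value
    except x509.ExtensionNotFound:
        return []
    return san.get_values_for_type(x509.RFC822Name)


def address_matches(cert, recipient):
    """Domain part compared case-insensitively; local part exactly (RFC 5321 allows case-sensitive local parts)."""
    r_local, _, r_domain = recipient.rpartition("@")
    for addr in cert_emails(cert):
        c_local, _, c_domain = addr.rpartition("@")
        if c_local == r_local and c_domain.lower() == r_domain.lower():
            return True
    return False


def _validity_utc(cert):
    """Validity bounds as aware datetimes across cryptography versions (the *_utc properties appeared in 42.0)."""
    if hasattr(cert, "not_valid_before_utc"):
        return cert.not_valid_before_utc, cert.not_valid_after_utc
    return cert.not_valid_before.replace(tzinfo=UTC), cert.not_valid_after.replace(tzinfo=UTC)


def select_encryption_cert(recipient, candidates):
    """Pick the certificate a client would encrypt to: bound to the address and currently valid.

    Returns (certificate, "ok") or (None, reason). A certificate that is not bound to the
    address is never considered, so a mismatch is reported regardless of its dates.
    """
    now = datetime.datetime.now(UTC)
    bound = [c for c in candidates if address_matches(c, recipient)]
    if not bound:
        return None, f"no certificate bound to {recipient}"
    for cert in bound:
        not_before, not_after = _validity_utc(cert)
        if not_before <= now <= not_after:
            return cert, "ok"
    return None, f"certificate for {recipient} is outside its validity period"


if __name__ == "__main__":
    cert = make_smime_cert("jane@partner.example")
    for rcpt in ("jane@partner.example", "jane.doe@partner.example"):
        chosen, reason = select_encryption_cert(rcpt, [cert])
        print(rcpt, "->", "encrypting" if chosen else f"refused: {reason}")
```

When troubleshooting the real case, compare the address the client is sending to with the rfc822Name in the recipient's certificate (for example with `openssl x509 -noout -ext subjectAltName`); an alias or display-name address that differs from the certified one reproduces the symptom exactly.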



A security administrator is setting up a virtualization solution that needs to run services from a single host. Each service should be the only one running in its environment. Each environment needs to have its own operating system as a base but share the kernel version and properties of the running host.
Which of the following technologies would best meet these requirements?

  1. Containers
  2. Type 1 hypervisor
  3. Type 2 hypervisor
  4. Virtual desktop infrastructure
  5. Emulation

Answer(s): A

Explanation:

Containers are lightweight, isolated environments that allow multiple services to run on the same host while sharing the kernel of the host operating system. Each container carries its own user space (base image, libraries and binaries, which is the "own operating system as a base" in the question) and its own process, network and filesystem namespaces, so the service inside it behaves as if it were alone on the system. Because the kernel is shared, containers are resource-efficient and faster to start than full virtual machines, and every container necessarily reports the kernel version and properties of the host. This matches the requirement exactly.
Type 1 and Type 2 hypervisors run a separate guest kernel per virtual machine, VDI delivers user desktops rather than isolated services, and emulation reimplements a whole hardware platform; none of these shares the host kernel. The trade-off to keep in mind is that the shared kernel is also the isolation boundary: a kernel vulnerability reachable from one container affects every container on the host, which is why hypervisors remain the choice when strong isolation matters more than density.



A company has data it would like to aggregate from its PLCs for data visualization and predictive maintenance purposes.
Which of the following is the most likely destination for the tag data from the PLCs?

  1. External drive
  2. Cloud storage
  3. System aggregator
  4. Local historian

Answer(s): D

Explanation:

A local historian is a system specifically designed to store and manage large volumes of time-series data, such as the tag data generated by programmable logic controllers (PLCs) in industrial environments. This data typically includes sensor readings, system states, and other operational data. A historian collects, stores, and organizes this data locally, making it available for data analysis, visualization, and predictive maintenance.



Which of the following is the best way to protect the website browsing history for an executive who travels to foreign countries where internet usage is closely monitored?

  1. DOH
  2. EAP-TLS
  3. Geofencing
  4. Private browsing mode

Answer(s): A

Explanation:

DNS over HTTPS (DoH) sends DNS queries inside an HTTPS session to the resolver instead of in cleartext UDP/TCP on port 53. An on-path observer such as an ISP, hotel network or government monitoring point therefore sees a TLS connection to the DoH resolver but not the names being resolved, which removes the easiest way of reconstructing browsing history from the network. The other options do not address the problem: EAP-TLS authenticates a device to a network, geofencing restricts where a resource may be used, and private browsing mode only avoids storing history on the local device while the network still sees every query. DoH is the best of the listed choices rather than a complete solution; the destination IP addresses and, unless Encrypted Client Hello is in use, the TLS SNI of the sites visited remain visible, so for a travelling executive it is normally combined with a VPN back to the corporate network.
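To make concrete what DoH hides, here is an added example (not code from the original page) that builds a DNS query in wire format, shows the name a passive observer recovers from a plaintext port 53 packet, and then wraps the same message in the RFC 8484 GET form that travels inside TLS. The resolver URL doh.example.net is a placeholder, and nothing is sent on the network.

```python
"""A DNS query on port 53 versus the same query carried over DoH (added example).

RFC 8484 section 4.1: for GET, the wire-format message is base64url-encoded without
padding and passed in the dns= query parameter; section 4.1 also recommends ID 0.
"""
import base64
import struct
from urllib.parse import urlparse

DOH_ENDPOINT = "https://doh.example.net/dns-query"  # placeholder resolver, not a real service


def build_dns_query(name, qtype=1, txid=0):
    """Wire-format query (RFC 1035 section 4): 12-byte header, then one question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # flags 0x0100 = recursion desired
    question = b"".join(
        struct.pack("!B", len(label)) + label.encode("ascii")
        for label in name.rstrip(".").split(".")
    )
    question += b"\x00" + struct.pack("!HH", qtype, 1)  # root label, QTYPE, QCLASS IN
    return header + question


def qname_from_wire(msg):
    """What an on-path observer reads straight out of a plaintext Do53 packet."""
    labels, pos = [], 12
    while True:
        length = msg[pos]
        pos += 1
        if length == 0:
            return ".".join(labels)
        labels.append(msg[pos:pos + length].decode("ascii"))
        pos += length


def doh_get_url(name, endpoint=DOH_ENDPOINT):
    """The HTTPS request line a DoH client sends; the name is inside the TLS-protected URL."""
    encoded = base64.urlsafe_b64encode(build_dns_query(name)).rstrip(b"=").decode("ascii")
    return f"{endpoint}?dns={encoded}"


def observer_view(name, use_doh, endpoint=DOH_ENDPOINT):
    """Summarise what the network path learns from this single lookup."""
    if use_doh:
        # Only the TLS connection to the resolver is visible; the query is ciphertext.
        return {"resolver": urlparse(endpoint).hostname, "qname": None}
    return {"resolver": "udp/53 server", "qname": qname_from_wire(build_dns_query(name))}


if __name__ == "__main__":
    for doh in (False, True):
        print("DoH" if doh else "Do53", observer_view("www.example.com", doh))
    print(doh_get_url("www.example.com"))
```

The encoded value for www.example.com is the one given in RFC 8484 section 4.1.1, which is a convenient check that the wire format is right. Note that the example deliberately leaves the destination IP and SNI of the subsequent web connection out of scope; DoH protects only the lookup.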



A systems administrator is working with the SOC to identify potential intrusions associated with ransomware. The SOC wants the systems administrator to perform network-level analysis to identify outbound traffic from any infected machines.
Which of the following is the most appropriate action for the systems administrator to take?

  1. Monitor for IoCs associated with C&C communications.
  2. Tune alerts to identify changes to administrative groups.
  3. Review NetFlow logs for unexpected increases in egress traffic.
  4. Perform binary hash comparisons to identify infected devices.

Answer(s): C

Explanation:

When investigating potential ransomware infections, abnormal outbound traffic is one of the key indicators: an infected host may beacon to a command and control (C&C) server for instructions and keys, and many current ransomware families exfiltrate data before encrypting it, which shows up as a large, unusual volume of egress from a workstation or server that normally sends very little.

Reviewing NetFlow logs is the network-level analysis the SOC asked for. NetFlow records the source, destination, ports, protocol and byte counts of every conversation without requiring agents on the endpoints, so comparing each host's egress volume against its own baseline surfaces machines that have started sending unexpected amounts of data to external addresses. Monitoring for C&C IoCs (A) is valuable but depends on already knowing the indicators, while tuning alerts on group changes (B) and hash comparisons (D) are host-level controls rather than network-level analysis of outbound traffic. NetFlow shows volume and destinations, not content, so flagged hosts still need endpoint triage to confirm infection.
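The baseline comparison described above, as an added example that is not part of the original page: it parses CSV-style flow records (the lines below are constructed, not real telemetry), sums outbound bytes per internal host and hour, and flags hosts whose egress in the review window exceeds a multiple of their own baseline. The 10.0.0.0/8 internal range, the thresholds and the record format are assumptions for the example.

```python
"""Egress-volume review over NetFlow-style records (added example, constructed data).

Record format assumed here: hour,src,dst,dst_port,proto,bytes. Only flows that leave the
internal range count as egress; internal-to-internal transfers are excluded.
"""
import ipaddress
from collections import defaultdict

INTERNAL = ipaddress.ip_network("10.0.0.0/8")  # assumed internal range

# Constructed baseline: three ordinary business hours on the previous day.
BASELINE_FLOWS = """\
2024-05-01T09,10.1.1.20,198.51.100.10,443,tcp,1800000
2024-05-01T10,10.1.1.20,198.51.100.10,443,tcp,2200000
2024-05-01T11,10.1.1.20,198.51.100.11,443,tcp,2000000
2024-05-01T09,10.1.1.30,198.51.100.10,443,tcp,5000000
2024-05-01T10,10.1.1.30,198.51.100.12,443,tcp,4500000
2024-05-01T11,10.1.1.30,198.51.100.10,443,tcp,5500000
2024-05-01T10,10.1.1.30,10.1.2.5,445,tcp,90000000
""".splitlines()

# Constructed review window: one hour in which 10.1.1.20 pushes 440 MB to one external host.
WINDOW_FLOWS = """\
2024-05-02T14,10.1.1.20,203.0.113.7,443,tcp,350000000
2024-05-02T14,10.1.1.20,203.0.113.7,443,tcp,90000000
2024-05-02T14,10.1.1.30,198.51.100.10,443,tcp,6000000
2024-05-02T14,10.1.1.40,203.0.113.9,22,tcp,1200000
2024-05-02T14,10.1.1.20,10.1.2.5,445,tcp,50000000
""".splitlines()


def parse_flows(lines):
    """Turn CSV lines into dicts; skips blank lines and comments."""
    flows = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        hour, src, dst, dport, proto, nbytes = line.split(",")
        flows.append({"hour": hour, "src": src, "dst": dst, "dport": int(dport),
                      "proto": proto, "bytes": int(nbytes)})
    return flows


def is_egress(flow):
    return (ipaddress.ip_address(flow["src"]) in INTERNAL
            and ipaddress.ip_address(flow["dst"]) not in INTERNAL)


def egress_bytes_by_host(flows):
    """Total outbound bytes per internal host (internal-to-internal flows excluded)."""
    totals = defaultdict(int)
    for f in flows:
        if is_egress(f):
            totals[f["src"]] += f["bytes"]
    return dict(totals)


def egress_per_hour(flows):
    """Average outbound bytes per hour per host, normalised by the hours present in the data."""
    hours = {f["hour"] for f in flows} or {"none"}
    return {host: total / len(hours) for host, total in egress_bytes_by_host(flows).items()}


def flag_egress_spikes(baseline, window, ratio=5.0, min_bytes=50_000_000):
    """Hosts whose hourly egress in the window is at least `ratio` times their baseline
    (or that have no baseline at all) and above `min_bytes`, with the destinations involved."""
    base_rate = egress_per_hour(baseline)
    win_rate = egress_per_hour(window)
    flagged = {}
    for host, rate in win_rate.items():
        base = base_rate.get(host, 0.0)
        if rate < min_bytes:
            continue  # small absolute volumes are noise even when the ratio is high
        if base == 0.0 or rate / base >= ratio:
            dests = sorted({f"{f['dst']}:{f['dport']}" for f in window
                            if f["src"] == host and is_egress(f)})
            flagged[host] = {"baseline_per_hour": base, "window_per_hour": rate,
                             "ratio": (rate / base) if base else None, "destinations": dests}
    return flagged


if __name__ == "__main__":
    for host, info in flag_egress_spikes(parse_flows(BASELINE_FLOWS), parse_flows(WINDOW_FLOWS)).items():
        print(host, info)
```

In practice the baseline would be built from days or weeks of nfdump or collector output, and the flagged hosts (here 10.1.1.20, sending 220 times its usual hourly volume to a single external address) go straight to endpoint triage and to a check of that destination against C&C and exfiltration indicators.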


