Free CompTIA CAS-005 Exam Questions (page: 8)

The company's client service team is receiving a large number of inquiries from clients regarding a new vulnerability.
Which of the following would provide the customer service team with a consistent message to deliver directly to clients?

  A. Communication plan
  B. Response playbook
  C. Disaster recovery procedure
  D. Automated runbook

Answer(s): B

Explanation:

A response playbook is a detailed document that outlines predefined steps, procedures, and templates for responding to specific incidents or situations. In this case, it would provide the customer service team with a consistent, clear, and accurate message to deliver to clients regarding the new vulnerability. The playbook would ensure that all team members are providing uniform responses to inquiries, reducing confusion and ensuring that the company's communication is coherent and accurate.



A company wants to use a process to embed a sign of ownership covertly inside a proprietary document without adding any identifying attributes.
Which of the following would be best to use as part of the process to support copyright protections of the document?

  A. Steganography
  B. E-signature
  C. Watermarking
  D. Cryptography

Answer(s): A

Explanation:

Steganography involves embedding information covertly within another file, such as a document, in a way that is not immediately apparent to the viewer. This can be used to embed a "sign of ownership" in a proprietary document without adding any visible or overt identifying attributes. It helps protect copyright by embedding hidden, identifying information that can later be used for verification or proof of ownership.



Which of the following utilizes policies that route packets to ensure only specific types of traffic are being sent to the correct destination based on application usage?

  A. SDN
  B. pcap
  C. vmstat
  D. DNSSEC
  E. VPC

Answer(s): A

Explanation:

SDN (Software-Defined Networking) utilizes policies and centralized control to dynamically route packets and ensure that specific types of traffic are sent to the correct destination based on application usage. SDN provides flexibility and programmability to control network traffic and routing at the application level, allowing policies to be applied to direct packets in a way that optimizes the network and meets security or performance requirements.



An incident response team completed recovery from offline backup for several workstations. The workstations were subjected to a ransomware attack after users fell victim to a spear-phishing campaign, despite a robust training program.
Which of the following questions should be considered during the lessons-learned phase to most likely reduce the risk of reoccurrence? (Choose two.)

  A. Are there opportunities for legal recourse against the originators of the spear-phishing campaign?
  B. What internal and external stakeholders need to be notified of the breach?
  C. Which methods can be implemented to increase speed of offline backup recovery?
  D. What measurable user behaviors were exhibited that contributed to the compromise?
  E. Which technical controls, if implemented, would provide defense when user training fails?
  F. Which user roles are most often targeted by spear phishing attacks?

Answer(s): D,E

Explanation:

What measurable user behaviors were exhibited that contributed to the compromise? During the lessons-learned phase, it's important to analyze the specific user behaviors that led to the successful spear-phishing attack, even after a robust training program. This could involve understanding patterns such as clicking on suspicious links, failing to verify emails, or not reporting unusual activity. By identifying these behaviors, the organization can target specific areas for improvement in training or behavior modification.

Which technical controls, if implemented, would provide defense when user training fails? Since users fell victim to the spear-phishing attack despite training, it's critical to implement technical controls that can provide an additional layer of defense. This may include email filtering to block phishing attempts, multi-factor authentication (MFA), endpoint detection and response (EDR) tools, and sandboxing for suspicious attachments. These controls will help prevent or mitigate attacks when training alone is insufficient.



Two companies that recently merged would like to unify application access between the companies, without initially merging internal authentication stores.
Which of the following technical strategies would best meet this objective?

  A. Federation
  B. RADIUS
  C. TACACS+
  D. MFA
  E. ABAC

Answer(s): A

Explanation:

Federation allows two or more organizations to establish a trust relationship for sharing authentication and authorization information without merging internal authentication stores. With federation, users from both companies can access resources in the other company's environment by using their own credentials, typically through a centralized identity provider (IdP). This approach allows the companies to keep their authentication systems separate but still provide seamless access to applications and services, making it ideal for scenarios like mergers where complete consolidation of authentication systems might not be immediate.


