PassLeader released the NEWEST CompTIA CAS-005 exam dumps recently! Both CAS-005 VCE dumps and CAS-005 PDF dumps are available on PassLeader, either CAS-005 VCE dumps or CAS-005 PDF dumps have the NEWEST CAS-005 exam questions in it, they will help you passing CompTIA CAS-005 exam easily! You can download the valid CAS-005 dumps VCE and PDF from PassLeader here: https://www.passleader.com/cas-005.html (324 Q&As Dumps ~ Lab Simulations Available)
Also, previewing the NEWEST PassLeader CAS-005 dumps online for free on Google Drive: https://drive.google.com/drive/folders/1KS3f2xY4YVwyvHzBkOruvJa_Q1WMRRlW
NEW QUESTION 301
A global company’s Chief Financial Officer (CFO) receives a phone call from someone claiming to be the Chief Executive Officer (CEO). The caller claims to be stranded and in desperate need of money. The CFO is suspicious, but the caller’s voice sounds similar to the CEO’s. Which of the following best describes this type of attack?
A. Smishing.
B. Deepfake.
C. Automated exploit generation.
D. Spear phishing.
Answer: B
NEW QUESTION 302
Which of the following best describes the reason PQC preparation is important?
A. To protect data against decryption due to increases in computational resource availability.
B. To have larger key lengths available through key stretching.
C. To improve encryption performance and speed using lightweight cryptography.
D. To leverage asymmetric encryption for large amounts of data.
Answer: A
NEW QUESTION 303
A security team determines that the most significant risks within the pipeline are:
– Unauthorized code changes.
– The current inability to perform independent verification of software modules.
Which of the following best addresses these concerns?
A. Code signing.
B. Digital signatures.
C. Non-repudiation.
D. Lightweight cryptography.
Answer: A
NEW QUESTION 304
Company A acquired Company B. During an audit, a security engineer found Company B’s environment was inadequately patched. In response, Company A placed a firewall between the two environments until Company B’s infrastructure could be integrated into Company A’s security program. Which of the following risk-handling techniques was used?
A. Accept
B. Avoid
C. Transfer
D. Mitigate
Answer: D
NEW QUESTION 305
An organization recently implemented a purchasing freeze that has impacted endpoint life-cycle management efforts. Which of the following should a security manager do to reduce risk without replacing the endpoints?
A. Remove unneeded services.
B. Deploy EDR.
C. Dispose of end-of-support devices.
D. Reimage the system.
Answer: A
NEW QUESTION 306
A local government that is investigating a data exfiltration claim was asked to review the fingerprint of the malicious user’s actions. An investigator took a forensic image of the VM and downloaded the image to a secured USB drive to share with the government. Which of the following should be taken into consideration during the process of releasing the drive to the government?
A. Encryption in transit.
B. Legal issues.
C. Chain of custody.
D. Order of volatility.
E. Key exchange.
Answer: C
NEW QUESTION 307
While investigating a security event an analyst finds evidence that a user opened an email attachment from an unknown source. Shortly after the user opened the attachment, a group of servers experienced a large amount of network and resource activity. Upon investigating the servers, the analyst discovers the servers were encrypted by ransomware that is demanding payment within 48 hours or all data will be destroyed. The company has no response plans for ransomware. Which of the following is the next step the analyst should take after reporting the incident to the management team?
A. Pay the ransom within 48 hours.
B. Isolate the servers to prevent the spread.
C. Notify law enforcement.
D. Request that the affected servers be restored immediately.
Answer: B
NEW QUESTION 308
Which of the following best describes a common use case for homomorphic encryption?
A. Processing data on a server after decrypting in order to prevent unauthorized access in transit.
B. Maintaining the confidentiality of data both at rest and in transit to and from a CSP for processing.
C. Transmitting confidential data to a CSP for processing on a large number of resources without revealing information.
D. Storing proprietary data across multiple nodes in a private cloud to prevent access by unauthenticated users.
Answer: C
NEW QUESTION 309
A security architect is investigating instances of employees who had their phones stolen in public places through seemingly targeted attacks. Devices are able to access company resources such as email and internal documentation, some of which can persist in application storage. Which of the following would best protect the company from information exposure? (Choose two.)
A. Implement a remote wipe procedure if the phone does not check in for a period of time.
B. Enforce biometric access control with configured timeouts.
C. Set up geofencing for corporate applications where the phone must be near an office.
D. Use application control to restrict the applications that can be installed.
E. Leverage an MDM solution to prevent the side loading of mobile applications.
F. Enable device certificates that will be used for access to company resources.
Answer: AB
NEW QUESTION 310
A company undergoing digital transformation is reviewing the resiliency of a CSP and is concerned about meeting SLA requirements in the event of a CSP incident. Which of the following would be best to proceed with the transformation?
A. An on-premises solution as a backup.
B. A load balancer with a round-robin configuration.
C. A multicloud provider solution.
D. An active-active solution within the same tenant.
Answer: C
NEW QUESTION 311
A security engineer wants to propose an MDM solution to mitigate certain risks. The MDM solution should meet the following requirements:
– Mobile devices should be disabled if they leave the trusted zone.
– If the mobile device is lost, data is not accessible.
Which of the following options should the security engineer enable on the MDM solution? (Choose two.)
A. Geofencing.
B. Patch management.
C. Containerization.
D. Full disk encryption.
E. Allow/blocklist.
F. Geotagging.
Answer: AD
NEW QUESTION 312
Which of the following security risks should be considered as an organization reduces cost and increases availability of services by adopting serverless computing?
A. Level of control and influence governments have over cloud service providers.
B. Type of virtualization or emulation technology used in the provisioning of services.
C. Vertical scalability of the infrastructure underpinning the serverless offerings.
D. Use of third-party monitoring of service provisioning and configurations.
Answer: A
NEW QUESTION 313
An attacker infiltrated the code base of a hardware manufacturer and inserted malware before the code was compiled. The malicious code is now running at the hardware level across a number of industries and sectors. Which of the following categories best describes this type of vendor risk?
A. SDLC attack.
B. Side-load attack.
C. Remote code signing.
D. Supply chain attack.
Answer: D
NEW QUESTION 314
An enterprise is deploying APIs that utilize a private key and a public key to ensure the connection string is protected. To connect to the API, customers must use the private key. Which of the following would best secure the REST API connection to the database while preventing the use of a hard-coded string in the request string?
A. Implement a VPN for all APIs.
B. Sign the key with DSA.
C. Deploy MFA for the service accounts.
D. Utilize HMAC for the keys.
Answer: D
NEW QUESTION 315
A recent security audit identified multiple endpoints have the following vulnerabilities:
– Various unsecured open ports.
– Active accounts for terminated personnel.
– Endpoint protection software with legacy versions.
– Overly permissive access rules.
Which of the following would best mitigate these risks? (Choose three.)
A. Local drive encryption.
B. Secure boot.
C. Address space layout randomization.
D. Unneeded services disabled.
E. Patching.
F. Logging.
G. Removal of unused accounts.
H. Enabling BIOS password.
Answer: DEG
NEW QUESTION 316
After a vendor identified a recent vulnerability, a severity score was assigned to the vulnerability. A notification was also publicly distributed. Which of the following would most likely include information regarding the vulnerability and the recommended remediation steps?
A. CVE
B. CVSS
C. CCE
D. CPE
Answer: A
NEW QUESTION 317
A social media company wants to change encryption ciphers after identifying weaknesses in the implementation of the existing ciphers. The company needs the new ciphers to meet the following requirements:
– Utilize less RAM than competing ciphers.
– Be more CPU-efficient than previous ciphers.
– Require customers to use TLS 1.3 while broadcasting video or audio.
Which of the following is the best choice for the social media company?
A. IDEA-CBC
B. AES-GCM
C. ChaCha20-Poly1305
D. Camellia-CBC
Answer: C
NEW QUESTION 318
A Chief Information Security Officer (CISO) is concerned that a company’s current data disposal procedures could result in data remanence. The company uses only SSDs. Which of the following would be the most secure way to dispose of the SSDs given the CISO’s concern?
A. Degaussing
B. Overwriting
C. Shredding
D. Formatting
E. Incinerating
Answer: E
NEW QUESTION 319
A global organization wants to manage all endpoint and user telemetry. The organization also needs to differentiate this data based on which office it is correlated to. Which of the following strategies best aligns with this goal?
A. Sensor placement.
B. Data labeling.
C. Continuous monitoring.
D. Centralized logging.
Answer: B
NEW QUESTION 320
A healthcare system recently suffered from a ransomware incident. As a result, the board of directors decided to hire a security consultant to improve existing network security. The security consultant found that the healthcare network was completely flat, had no privileged access limits, and had open RDP access to servers with personal health information. As the consultant builds the remediation plan, which of the following solutions would best solve these challenges? (Choose three.)
A. SD-WAN
B. PAM
C. Remote Access VPN
D. MFA
E. Network Segmentation
F. BGP
G. NAC
Answer: BDE
NEW QUESTION 321
……
Welcome to choose PassLeader CAS-005 dumps for 100% passing CompTIA CAS-005 exam: https://www.passleader.com/cas-005.html (324 Q&As VCE Dumps and PDF Dumps ~ Lab Simulations Available)
Also, previewing the NEWEST PassLeader CAS-005 dumps online for free on Google Drive: https://drive.google.com/drive/folders/1KS3f2xY4YVwyvHzBkOruvJa_Q1WMRRlW