CAS-005無料問題集「CompTIA SecurityX Certification」

質問 1

Recent repents indicate that a software tool is being exploited Attackers were able to bypass user access controls and load a database. A security analyst needs to find the vulnerability and recommend a mitigation.
The analyst generates the following output:

Which of the following would the analyst most likely recommend?

（A）Not allowing users to change their local passwords

（B）Removing hard coded credentials from the source code

（C）Installing appropriate EDR tools to block pass-the-hash attempts

（D）Adding additional time to software development to perform fuzz testing

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

A security operations engineer needs to prevent inadvertent data disclosure when encrypted SSDs are reused within an enterprise. Which of the following is the most secure way to achieve this goal?

（A）Executing a script that deletes and overwrites all data on the SSD three times

（B）Writing non-zero, random data to all cells of the SSD

（C）Securely deleting the encryption keys used by the SSD

（D）Wiping the SSD through degaussing

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

Users must accept the terms presented in a captive petal when connecting to a guest network. Recently, users have reported that they are unable to access the Internet after joining the network A network engineer observes the following:
* Users should be redirected to the captive portal.
* The Motive portal runs Tl. S 1 2
* Newer browser versions encounter security errors that cannot be bypassed
* Certain websites cause unexpected re directs
Which of the following mow likely explains this behavior?

（A）Employment of the HSTS setting is proliferating rapidly.

（B）An attacker is redirecting supplicants to an evil twin WLAN.

（C）The TLS ciphers supported by the captive portal ate deprecated

（D）Allowed traffic rules are causing the NIPS to drop legitimate traffic

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

A company wants to invest in research capabilities with the goal to operationalize the research output. Which of the following is the best option for a security architect to recommend?

（A）Threat intelligence platform

（B）Honeypots

（C）Continuous adversary emulation

（D）Dark web monitoring

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

Company A and Company D ate merging Company A's compliance reports indicate branch protections are not in place A security analyst needs to ensure that potential threats to the software development life cycle are addressed. Which of the following should me analyst cons<der when completing this basic?

（A）If DAST scans are routinely scheduled

（B）If role-based training is deployed

（C）If DAST code is being stored to a single code repository

（D）If developers are unable to promote to production

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

Audit findings indicate several user endpoints are not utilizing full disk encryption During me remediation process, a compliance analyst reviews the testing details for the endpoints and notes the endpoint device configuration does not support full disk encryption Which of the following is the most likely reason me device must be replaced'

（A）The HSM does not support sealing storage

（B）The HSM is outdated and no longer supported by the manufacturer

（C）The HSM is vulnerable to common exploits and a firmware upgrade is needed

（D）The vTPM was not properly initialized and is corrupt.

（E）The motherboard was not configured with a TPM from the OEM supplier.

正解：E 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

A security professional is investigating a trend in vulnerability findings for newly deployed cloud systems Given the following output:

Which of the following actions would address the root cause of this issue?

（A）Recompiling the affected programs with the most current patches

（B）Disabling unused/unneeded ports on all servers

（C）Deploying a WAF with virtual patching upstream of the affected systems

（D）Automating the patching system to update base Images

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 8

An organization wants to create a threat model to identity vulnerabilities in its infrastructure. Which of the following, should be prioritized first?

（A）Internal infrastructure with high-seventy and Known exploited vulnerabilities

（B）External-facing Infrastructure with known exploited vulnerabilities

（C）External-facing infrastructure with a high risk score that can only be exploited with local access to the resource

（D）External facing Infrastructure with a low risk score and no known exploited vulnerabilities

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

A company wants to implement hardware security key authentication for accessing sensitive information systems The goal is to prevent unauthorized users from gaining access with a stolen password Which of the following models should the company implement to best solve this issue?

（A）Rule based

（B）Time-based

（C）Role based

（D）Context-based

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

A security analyst is reviewing suspicious log-in activity and sees the following data in the SICM:

Which of the following is the most appropriate action for the analyst to take?

（A）Have the admin account owner change their password to avoid credential stuffing.

（B）Update the log configuration settings on the directory server that Is not being captured properly.

（C）Block employees from logging in to applications that are not part of their business area.

（D）implement automation to disable accounts that nave been associated with high-risk activity.

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

CAS-005 無料問題集「CompTIA SecurityX Certification」

弊社を連絡する

関連リンク

トップ試験