Exam CAS-005: CompTIA SecurityX
Exam Number: CAS-005 | Length of test: 165 mins
Exam Name: CompTIA SecurityX | Number of questions in the actual exam: 90
Format: PDF, VPLUS | Passing Score: The exam is pass/fail; no scaled score is provided
Total Questions: 160 | $30 Premium PDF file, 2 months of updates
Total Questions: 160 | FREE Premium VPLUS file
Download practice test questions
Title | Size | Hits | Download |
---|---|---|---|
CompTIA.CAS-005.by,Atony.38q | 903.71 KB | 31 | Download |
CompTIA.CAS-005.by,Atony.38q | 1.20 MB | 29 | Download |
Exam Codes | CAS-004 | CAS-005 |
---|---|---|
Launch Date | October 6, 2021 | December 17, 2024 |
Exam Description | CASP+ covers the technical knowledge and skills required to architect, engineer, integrate, and implement secure solutions across complex environments to support a resilient enterprise while considering the impact of governance, risk, and compliance requirements. | SecurityX (formerly CASP+) covers the technical knowledge and skills required to architect, engineer, integrate, and implement secure solutions across complex environments to support a resilient enterprise while considering the impact of governance, risk, and compliance requirements. |
Number of Questions | Maximum of 90 questions | Maximum of 90 questions |
Type of Questions | Multiple-choice and performance-based | Multiple-choice and performance-based |
Length of Test | 165 Minutes | 165 Minutes |
Passing Score | This test has no scaled score; it’s pass/fail only. | This test has no scaled score; it’s pass/fail only. |
Recommended Experience | A minimum of ten years of general hands-on IT experience, with at least five years of broad hands-on security experience. | Minimum 10 years of general hands-on IT experience, with 5 years of hands-on security experience, plus Network+, Security+, CySA+, Cloud+ and PenTest+ or equivalent knowledge |
Languages | English, Japanese and Thai | TBD |
Retirement | June 17, 2025 | Generally three years after launch |
Testing Provider | Pearson VUE | Pearson VUE |
Some new sample questions:
Question:
An organization hires a security consultant to establish a SOC that includes a threat-modeling function. During initial activities, the consultant works with system engineers to identify antipatterns within the environment. Which of the following is most critical for the engineers to disclose to the consultant during this phase?
A. Results from the most recent infrastructure access review
B. A listing of unpatchable IoT devices in use in the data center
C. Network and data flow diagrams covering the production environment
D. Results from the most recent software composition analysis
E. A current inventory of cloud resources and SaaS products in use
Question:
Which of the following best describes the reason a network architect would enable forward secrecy on all VPN tunnels?
A. This process is a requirement to enable hardware-accelerated cryptography.
B. This process reduces the success of attackers performing cryptanalysis.
C. The business requirements state that confidentiality is a critical success factor.
D. Modern cryptographic protocols list this process as a prerequisite for use.
Question:
A security engineer must ensure that sensitive corporate information is not exposed if a company laptop is stolen. Which of the following actions best addresses this requirement?
A. Utilizing desktop as a service for all company data and multifactor authentication
B. Using explicit allow lists of specific IP addresses and deploying single sign-on
C. Deploying mobile device management and requiring stronger passwords
D. Updating security mobile reporting policies and monitoring data breaches
Some new sample questions:
Question:
As part of a security audit in the software development life cycle, a product manager must demonstrate and provide evidence of a complete representation of the code and modules used within the production-deployed application prior to the build. Which of the following best provides the required evidence?
A. Software composition analysis
B. Runtime application inspection
C. Static application security testing
D. Interactive application security testing
Question:
A Chief Information Security Officer is concerned about the operational impact of ransomware. In the event of a ransomware attack, the business requires the integrity of the data to remain intact and an RPO of less than one hour. Which of the following storage strategies best satisfies the business requirements?
A. Full disk encryption
B. Remote journaling
C. Immutable
D. RAID 10
Question:
Previously intercepted communications must remain secure even if a current encryption key is compromised in the future. Which of the following best supports this requirement?
A. Tokenization
B. Key stretching
C. Forward secrecy
D. Simultaneous authentication of equals
Question:
After a company discovered a zero-day vulnerability in its VPN solution, the company plans to deploy cloud-hosted resources to replace its current on-premises systems. An engineer must find an appropriate solution to facilitate trusted connectivity. Which of the following capabilities is the most relevant?
A. Container orchestration
B. Microsegmentation
C. Conditional access
D. Secure access service edge (SASE)
Some new sample questions:
Question:
A financial services organization is using AI to fully automate the process of deciding client loan rates. Which of the following should the organization be most concerned about from a privacy perspective?
A. Model explainability
B. Credential theft
C. Possible prompt injections
D. Exposure to social engineering
Question:
Company A acquired Company B and needs to determine how the acquisition will impact the attack surface of the organization as a whole. Which of the following is the best way to achieve this goal? (Select two).
A. Implementing DLP controls preventing sensitive data from leaving Company B’s network
B. Documenting third-party connections used by Company B
C. Reviewing the privacy policies currently adopted by Company B
D. Requiring data sensitivity labeling for all files shared with Company B
E. Forcing a password reset requiring more stringent passwords for users on Company B’s network
F. Performing an architectural review of Company B’s network
Question:
A security administrator is performing a gap assessment against a specific OS benchmark. The benchmark requires the following configurations be applied to endpoints:
* Full disk encryption
* Host-based firewall
* Time synchronization
* Password policies
* Application allow listing
* Zero Trust application access
Which of the following solutions best addresses the requirements? (Select two).
A. CASB
B. SBOM
C. SCAP
D. SASE
E. HIDS
Question:
A company wants to implement hardware security key authentication for accessing sensitive information systems. The goal is to prevent unauthorized users from gaining access with a stolen password. Which of the following models should the company implement to best solve this issue?
A. Rule-based
B. Time-based
C. Role-based
D. Context-based