최신 CAS-005 무료덤프 - CompTIA SecurityX Certification

문제1

A senior security engineer flags me following log file snippet as hawing likely facilitated an attacker's lateral movement in a recent breach:

Which of the following solutions, if implemented, would mitigate the nsk of this issue reoccurnnp?

A. Restricting DNS traffic to UDP'W

B. Disabling DNS zone transfers

C. Implementing DNS masking on internal servers

D. Permitting only clients from internal networks to query DNS

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제2

A security analyst wants to use lessons learned from a poor incident response to reduce dwell lime in the future The analyst is using the following data points

Which of the following would the analyst most likely recommend?

A. Adjusting the SIEM to alert on attempts to visit phishing sites

B. Enabling alerting on all suspicious administrator behavior

C. utilizing allow lists on the WAF for all users using GFT methods

D. Allowing TRACE method traffic to enable better log correlation

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제3

An audit finding reveals that a legacy platform has not retained loos for more than 30 days The platform has been segmented due to its interoperability with newer technology. As a temporary solution, the IT department changed the log retention to 120 days. Which of the following should the security engineer do to ensure the logs are being properly retained?

A. Configure the SIEM to aggregate the logs

B. Configure a scheduled task nightly to save the logs

C. Configure event-based triggers to export the logs at a threshold.

D. Configure a Python script to move the logs into a SQL database.

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제4

An IPSec solution is being deployed. The configuration files for both the VPN concentrator and the AAA server are shown in the diagram.
Complete the configuration files to meet the following requirements:
* The EAP method must use mutual certificate-based authentication (With issued client certificates).
* The IKEv2 Cipher suite must be configured to the MOST secure
authenticated mode of operation,
* The secret must contain at least one uppercase character, one lowercase character, one numeric character, and one special character, and it must meet a minimum length requirement of eight characters, INSTRUCTIONS Click on the AAA server and VPN concentrator to complete the configuration.
Fill in the appropriate fields and make selections from the drop-down menus.

VPN Concentrator:

AAA Server:

정답:

See the answer below in Explanation.
Explanation:
VPN Concentrator:
A screenshot of a computer Description automatically generated

AAA Server:
A screenshot of a computer Description automatically generated

문제5

A company hosts a platform-as-a-service solution with a web-based front end, through which customer interact with data sets. A security administrator needs to deploy controls to prevent application-focused attacks. Which of the following most directly supports the administrator's objective'

A. Creating WAF policies for relevant programming languages

B. Implementing application toad balancing and cross-region availability

C. improving security dashboard visualization on SIEM

D. Rotating API access and authorization keys every two months

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제6

A company updates its cloud-based services by saving infrastructure code in a remote repository. The code is automatically deployed into the development environment every time the code is saved lo the repository The developers express concern that the deployment often fails, citing minor code issues and occasional security control check failures in the development environment Which of the following should a security engineer recommend to reduce the deployment failures? (Select two).

A. Software composition analysis

B. Repository branch protection

C. Pre-commit code linting

D. Pipeline compliance scanning

E. Automated regression testing

F. Code submit authorization workflow

정답: C,E

설명: (DumpTOP 회원만 볼 수 있음)

문제7

A company's help desk is experiencing a large number of calls from the finance department slating access issues to www bank com The security operations center reviewed the following security logs:

Which of the following is most likely the cause of the issue?

A. Recursive DNS resolution is failing

B. DNS traffic is being sinkholed.

C. The DNS was set up incorrectly.

D. The DNS record has been poisoned.

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제8

Which of the following is the security engineer most likely doing?

A. Assessing log in activities using geolocation to tune impossible Travel rate alerts

B. Threat hunting for suspicious activity from an insider threat

C. Reporting on remote log-in activities to track team metrics

D. Baselining user behavior to support advanced analytics

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제9

Users are willing passwords on paper because of the number of passwords needed in an environment. Which of the following solutions is the best way to manage this situation and decrease risks?

A. Requiring users to use an open-source password manager

B. implementing an SSO solution and integrating with applications

C. Implementing an MFA solution to avoid reliance only on passwords

D. Increasing password complexity to require 31 least 16 characters

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제10

Developers have been creating and managing cryptographic material on their personal laptops fix use in production environment. A security engineer needs to initiate a more secure process. Which of the following is the best strategy for the engineer to use?

A. Managing key material on a HSM

B. Managing secrets on the vTPM hardware

C. Disabling the BIOS and moving to UEFI

D. Employing shielding lo prevent LMI

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

최신 CAS-005 무료덤프 - CompTIA SecurityX Certification

우리와 연락하기

유용한 링크

최신 업데이트