
Free CompTIA CAS-005 Practice Exam with Questions & Answers | Set: 7

Questions 61

Which of the following security risks should be considered as an organization reduces cost and increases availability of services by adopting serverless computing?

Options:

A. Level of control and influence governments have over cloud service providers

B. Type of virtualization or emulation technology used in the provisioning of services

C. Vertical scalability of the infrastructure underpinning the serverless offerings

D. Use of third-party monitoring of service provisioning and configurations

Questions 62

Previously intercepted communications must remain secure even if a current encryption key is compromised in the future. Which of the following best supports this requirement?

Options:

A. Tokenization

B. Key stretching

C. Forward secrecy

D. Simultaneous authentication of equals

Questions 63

A security analyst is reviewing the following event timeline from an COR solution:

CAS-005 Question 63

Which of the following most likely has occurred and needs to be fixed?

Options:

A. The DLP has failed to block malicious exfiltration and data tagging is not being utilized properly.

B. An EDR bypass was utilized by a threat actor and updates must be installed by the administrator.

C. A logic flaw has introduced a TOCTOU vulnerability and must be addressed by the COR vendor.

D. A potential insider threat is being investigated and will be addressed by the senior management team.

Questions 64

A security engineer is assisting a DevOps team that has the following requirements for container images:

Ensure container images are hashed and use version controls.

Ensure container images are up to date and scanned for vulnerabilities.

Which of the following should the security engineer do to meet these requirements?

Options:

A. Enable clusters on the container image and configure the mesh with ACLs.

B. Enable new security and quality checks within a CI/CD pipeline.

C. Enable audits on the container image and monitor for configuration changes.

D. Enable pulling of the container image from the vendor repository and deploy directly to operations.

Questions 65

While investigating a security event, an analyst finds evidence that a user opened an email attachment from an unknown source. Shortly after the user opened the attachment, a group of servers experienced a large amount of network and resource activity. Upon investigating the servers, the analyst discovers the servers were encrypted by ransomware that is demanding payment within 48 hours or all data will be destroyed. The company has no response plans for ransomware. Which of the following is the next step the analyst should take after reporting the incident to the management team?

Options:

A. Pay the ransom within 48 hours

B. Isolate the servers to prevent the spread

C. Notify law enforcement

D. Request that the affected servers be restored immediately