Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: get65

CompTIA Updated CAS-005 Exam Questions and Answers by ariya

Page: 4 / 25

CompTIA CAS-005 Exam Overview :

Exam Name: CompTIA SecurityX Certification Exam
Exam Code: CAS-005 Dumps
Vendor: CompTIA Certification: CompTIA CASP
Questions: 344 Q&A's Shared By: ariya
Question 16

An organization is implementing Zero Trust architecture A systems administrator must increase the effectiveness of the organization ' s context-aware access system. Which of the following is the best way to improve the effectiveness of the system?

Options:

A.

Secure zone architecture

B.

Always-on VPN

C.

Accurate asset inventory

D.

Microsegmentation

Discussion
Lennox
Something Special that they provide a comprehensive overview of the exam content. They cover all the important topics and concepts, so you can be confident that you are well-prepared for the test.
Aiza Jun 1, 2026
That makes sense. What makes Cramkey Dumps different from other study materials?
Kylo
What makes Cramkey Dumps so reliable? Please guide.
Sami Jun 7, 2026
Well, for starters, they have a team of experts who are constantly updating their material to reflect the latest changes in the industry. Plus, they have a huge database of questions and answers, which makes it easy to study and prepare for the exam.
Georgina
I used Cramkey Dumps to prepare for my recent exam and I have to say, they were a huge help.
Corey Jun 3, 2026
Really? How did they help you? I know these are the same questions appears in exam. I will give my try. But tell me if they also help in some training?
Pippa
I was so happy to see that almost all the questions on the exam were exactly what I found in their Dumps.
Anastasia Jun 15, 2026
You are right…It was amazing! The Cramkey Dumps were so comprehensive and well-organized, it made studying for the exam a breeze.
Nadia
Why these dumps are important? Can I pass my exam without these dumps?
Julian May 31, 2026
The questions in the Cramkey dumps are explained in detail and there are also study notes and reference materials provided. This made it easier for me to understand the concepts and retain the information better.
Question 17

A building camera is remotely accessed and disabled from the remote console application during off-hours. A security analyst reviews the following logs:

Questions 17

A security architect is onboarding a new EDR agent on servers that traditionally do not have internet access. In order for the agent to receive updates and report back to the management console, some changes must be made. Which of the following should the architect do to best accomplish this requirement? (Select two).

Options:

A.

Create a firewall rule to only allow traffic from the subnet to the internet via a proxy.

B.

Configure a proxy policy that blocks all traffic on port 443.

C.

Configure a proxy policy that allows only fully qualified domain names needed to communicate to a portal.

D.

Create a firewall rule to only allow traffic from the subnet to the internet via port 443.

E.

Create a firewall rule to only allow traffic from the subnet to the internet to fully qualified names that are not identified as malicious by the firewall vendor.

F.

Configure a proxy policy that blocks only lists of known-bad, fully qualified domain names.

Discussion
Question 18

Questions 18

An administrator needs to craft a single certificate-signing request for a web-server certificate. The server should be able to use the following identities to mutually authenticate other resources over TLS:

• wwwJnt.comptia.org

• webserver01.int.comptia.org

•10.5.100.10

Which of the following certificate fields must be set properly to support this objective?

Options:

A.

Subject alternative name

B.

Organizational unit

C.

Extended key usage

D.

Certificate extension

Discussion
Question 19

A company that uses containers to run its applications is required to identify vulnerabilities on every container image in a private repository The security team needs to be able to quickly evaluate whether to respond to a given vulnerability Which of the following, will allow the security team to achieve the objective with the last effort?

Options:

A.

SAST scan reports

B.

Centralized SBoM

C.

CIS benchmark compliance reports

D.

Credentialed vulnerability scan

Discussion
Page: 4 / 25
Title
Questions
Posted

CAS-005
PDF

$36.75  $104.99

CAS-005 Testing Engine

$43.75  $124.99

CAS-005 PDF + Testing Engine

$57.75  $164.99