Comptia braindumps2go cas-005 Leak Questions by Ariya q35 vce pdf

Page: 4 / 25

Exam Name:	CompTIA SecurityX Certification Exam
Exam Code:	CAS-005 Dumps
Vendor:	CompTIA	Certification:	CompTIA CASP
Questions:	344 Q&A's	Shared By:	ariya

Question 16

An organization is implementing Zero Trust architecture A systems administrator must increase the effectiveness of the organization ' s context-aware access system. Which of the following is the best way to improve the effectiveness of the system?

Options:

Secure zone architecture

Always-on VPN

Accurate asset inventory

Microsegmentation

Discussion

Norah

Cramkey is highly recommended.

Zayan Apr 10, 2026

Definitely. If you're looking for a reliable and effective study resource, look no further than Cramkey Dumps. They're simply wonderful!

Carson

Yeah, definitely. I would definitely recommend Cramkey Dumps to anyone who is preparing for an exam.

Rufus Mar 31, 2026

Me too. They're a lifesaver!

Rosalie

I passed. I would like to tell all students that they should definitely give Cramkey Dumps a try.

Maja Apr 8, 2026

That sounds great. I'll definitely check them out. Thanks for the suggestion!

Atlas

What are these Dumps? Would anybody please explain it to me.

Reign Apr 19, 2026

These are exam dumps for a variety of IT certifications. They have a vast collection of updated questions and answers, which are very helpful in preparing for the exams.

Miley

Hey, I tried Cramkey Dumps for my IT certification exam. They are really awesome and helped me pass my exam with wonderful score.

Megan Apr 3, 2026

That’s great!!! I’ll definitely give it a try. Thanks!!!

Question 17

A building camera is remotely accessed and disabled from the remote console application during off-hours. A security analyst reviews the following logs:

Questions 17

A security architect is onboarding a new EDR agent on servers that traditionally do not have internet access. In order for the agent to receive updates and report back to the management console, some changes must be made. Which of the following should the architect do to best accomplish this requirement? (Select two).

Options:

Create a firewall rule to only allow traffic from the subnet to the internet via a proxy.

Configure a proxy policy that blocks all traffic on port 443.

Configure a proxy policy that allows only fully qualified domain names needed to communicate to a portal.

Create a firewall rule to only allow traffic from the subnet to the internet via port 443.

Create a firewall rule to only allow traffic from the subnet to the internet to fully qualified names that are not identified as malicious by the firewall vendor.

Configure a proxy policy that blocks only lists of known-bad, fully qualified domain names.

Discussion

Question 18

Questions 18

An administrator needs to craft a single certificate-signing request for a web-server certificate. The server should be able to use the following identities to mutually authenticate other resources over TLS:

• wwwJnt.comptia.org

• webserver01.int.comptia.org

•10.5.100.10

Which of the following certificate fields must be set properly to support this objective?

Options:

Subject alternative name

Organizational unit

Extended key usage

Certificate extension

Discussion

Question 19

A company that uses containers to run its applications is required to identify vulnerabilities on every container image in a private repository The security team needs to be able to quickly evaluate whether to respond to a given vulnerability Which of the following, will allow the security team to achieve the objective with the last effort?

Options:

SAST scan reports

Centralized SBoM

CIS benchmark compliance reports

Credentialed vulnerability scan