Comptia examstopics securityx Cas-005 Reddit Questions by Sulaiman q70 vce pdf

Page: 6 / 18

Exam Name:	CompTIA SecurityX Certification Exam
Exam Code:	CAS-005 Dumps
Vendor:	CompTIA	Certification:	SecurityX
Questions:	249 Q&A's	Shared By:	sulaiman

Question 24

An analyst wants to conduct a risk assessment on a new application that is being deployed. Given the following information:

• Total budget allocation for the new application is unavailable.

• Recovery time objectives have not been set.

• Downtime loss calculations cannot be provided.

Which of the following statements describes the reason a qualitative assessment is the best option?

Options:

The analyst has previous work experience in application development.

Sufficient metrics are not available to conduct other risk assessment types.

An organizational risk register tracks all risks and mitigations across business units.

The organization wants to find the monetary value of any outages.

Discussion

Question 25

An organization found a significant vulnerability associated with a commonly used package in a variety of operating systems. The organization develops a registry of software dependencies to facilitate incident response activities. As part of the registry, the organization creates hashes of packages that have been formally vetted. Which of the following attack vectors does this registry address?

Options:

Supply chain attack B. Cipher substitution attack C. Side-channel analysis D. On-path attack E. Pass-the-hash attack

Discussion

Answer:

Explanation:

Step by Step Explanation:

Understanding the Scenario: The question describes a proactive security measure where an organization maintains a registry of software dependencies and their corresponding hashes. This registry is used to verify the integrity of software packages.

Analyzing the Answer Choices:

A. Supply chain attack: This type of attack involves compromising the software supply chain by injecting malicious code into legitimate software packages.

[Reference: CASP+ objectives often emphasize supply chain security due to its growing importance. The scenario directly relates to this type of attack, as the registry helps ensure that software packages haven't been tampered with during the supply chain process., B. Cipher substitution attack: This is a cryptographic attack focused on replacing ciphertext with a different ciphertext to deduce the key. It's not relevant to the scenario., C. Side-channel analysis: This attack involves gathering information from the physical implementation of a system (e.g., timing, power consumption) rather than exploiting the algorithm itself. It's not applicable here., D. On-path attack (formerly man-in-the-middle): This attack involves intercepting and potentially altering communication between two parties. While important, it's not theprimary focus of the registry., E. Pass-the-hash attack: This attack involves using a stolen hash of a user's password to authenticate without needing the actual password. It's unrelated to software package integrity., Why A is the Correct Answer:, A supply chain attack is exactly what the organization is trying to mitigate. By creating a registry of known-good software packages and their hashes, they can verify that the packages they are using are legitimate and haven't been altered., If an attacker were to compromise a software package in the supply chain, the hash of the altered package would not match the hash in the organization's registry. This would immediately alert the organization to a potential compromise., CASP+ Relevance: This aligns with the CASP+ exam objectives, which emphasize the importance of risk management, threat intelligence, and implementing security controls to address various attack vectors, including supply chain risks., How the Registry Works (Elaboration based on CASP+principles):, Hashing: When a package is vetted, a cryptographic hash function (like SHA-256) is used to generate a unique "fingerprint" (the hash) of the package's contents., Verification: Before installing or using a package, its hash is calculated and compared to the hash stored in the registry. A match confirms the package's integrity. A mismatch indicates tampering., Incident Response: If a vulnerability is discovered in a commonly used package, the registry helps the organization quickly identify which systems are affected based on the dependency list and the stored hashes., In conclusion, maintaining a registry of software dependencies with hashes is a crucial security control that directly addresses the threat of supply chain attacks by ensuring the integrity and authenticity of software packages. The use of hash functions for verification is a common practice in security and is emphasized in the CASP+ material., , , ]

Question 26

A user reports application access issues to the help desk. The help desk reviews the logs for the user:

Questions 26

Which of the following is most likely the reason for the issue?

Options:

The user inadvertently tripped the geoblock rule in NGFW.

A threat actor has compromised the user's account and attempted to log in.

The user is not allowed to access the human resources system outside of business hours.

The user did not attempt to connect from an approved subnet.

Discussion

Neve

Will I be able to achieve success after using these dumps?

Rohan Jul 14, 2025

Absolutely. It's a great way to increase your chances of success.

Stefan

Thank you so much Cramkey I passed my exam today due to your highly up to date dumps.

Ocean Jul 22, 2025

Agree….Cramkey Dumps are constantly updated based on changes in the exams. They also have a team of experts who regularly review the materials to ensure their accuracy and relevance. This way, you can be sure you're studying the most up-to-date information available.

Sam

Can I get help from these dumps and their support team for preparing my exam?

Audrey Jul 7, 2025

Definitely, you won't regret it. They've helped so many people pass their exams and I'm sure they'll help you too. Good luck with your studies!

Pippa

I was so happy to see that almost all the questions on the exam were exactly what I found in their Dumps.

Anastasia Jul 11, 2025

You are right…It was amazing! The Cramkey Dumps were so comprehensive and well-organized, it made studying for the exam a breeze.

Question 27

After some employees were caught uploading data to online personal storage accounts, a company becomes concerned about data leaks related to sensitive, internal documentation. Which of the following would the company most likely do to decrease this type of risk?

Options:

Improve firewall rules to avoid access to those platforms.

Implement a cloud-access security broker

Create SIEM rules to raise alerts for access to those platforms

Deploy an internet proxy that filters certain domains