Comptia examstopics securityx Cas-005 Reddit Questions by Sulaiman q70 vce pdf

Page: 6 / 18

Exam Name:	CompTIA SecurityX Certification Exam
Exam Code:	CAS-005 Dumps
Vendor:	CompTIA	Certification:	SecurityX
Questions:	249 Q&A's	Shared By:	sulaiman

Question 24

An analyst wants to conduct a risk assessment on a new application that is being deployed. Given the following information:

• Total budget allocation for the new application is unavailable.

• Recovery time objectives have not been set.

• Downtime loss calculations cannot be provided.

Which of the following statements describes the reason a qualitative assessment is the best option?

Options:

The analyst has previous work experience in application development.

Sufficient metrics are not available to conduct other risk assessment types.

An organizational risk register tracks all risks and mitigations across business units.

The organization wants to find the monetary value of any outages.

Discussion

Question 25

An organization found a significant vulnerability associated with a commonly used package in a variety of operating systems. The organization develops a registry of software dependencies to facilitate incident response activities. As part of the registry, the organization creates hashes of packages that have been formally vetted. Which of the following attack vectors does this registry address?

Options:

Supply chain attack B. Cipher substitution attack C. Side-channel analysis D. On-path attack E. Pass-the-hash attack

Discussion

Answer:

Explanation:

Step by Step Explanation:

Understanding the Scenario: The question describes a proactive security measure where an organization maintains a registry of software dependencies and their corresponding hashes. This registry is used to verify the integrity of software packages.

Analyzing the Answer Choices:

A. Supply chain attack: This type of attack involves compromising the software supply chain by injecting malicious code into legitimate software packages.

[Reference: CASP+ objectives often emphasize supply chain security due to its growing importance. The scenario directly relates to this type of attack, as the registry helps ensure that software packages haven't been tampered with during the supply chain process., B. Cipher substitution attack: This is a cryptographic attack focused on replacing ciphertext with a different ciphertext to deduce the key. It's not relevant to the scenario., C. Side-channel analysis: This attack involves gathering information from the physical implementation of a system (e.g., timing, power consumption) rather than exploiting the algorithm itself. It's not applicable here., D. On-path attack (formerly man-in-the-middle): This attack involves intercepting and potentially altering communication between two parties. While important, it's not theprimary focus of the registry., E. Pass-the-hash attack: This attack involves using a stolen hash of a user's password to authenticate without needing the actual password. It's unrelated to software package integrity., Why A is the Correct Answer:, A supply chain attack is exactly what the organization is trying to mitigate. By creating a registry of known-good software packages and their hashes, they can verify that the packages they are using are legitimate and haven't been altered., If an attacker were to compromise a software package in the supply chain, the hash of the altered package would not match the hash in the organization's registry. This would immediately alert the organization to a potential compromise., CASP+ Relevance: This aligns with the CASP+ exam objectives, which emphasize the importance of risk management, threat intelligence, and implementing security controls to address various attack vectors, including supply chain risks., How the Registry Works (Elaboration based on CASP+principles):, Hashing: When a package is vetted, a cryptographic hash function (like SHA-256) is used to generate a unique "fingerprint" (the hash) of the package's contents., Verification: Before installing or using a package, its hash is calculated and compared to the hash stored in the registry. A match confirms the package's integrity. A mismatch indicates tampering., Incident Response: If a vulnerability is discovered in a commonly used package, the registry helps the organization quickly identify which systems are affected based on the dependency list and the stored hashes., In conclusion, maintaining a registry of software dependencies with hashes is a crucial security control that directly addresses the threat of supply chain attacks by ensuring the integrity and authenticity of software packages. The use of hash functions for verification is a common practice in security and is emphasized in the CASP+ material., , , ]

Ernest

That's amazing. I think I'm going to give Cramkey Dumps a try for my next exam. Thanks for telling me about them! CramKey admin please share more questions……You guys are amazing.

Nate Jul 12, 2025

I failed last week, I never know this site , but amazed to see all these questions were in my exam week before. I feel bad now, why I didn’t bother this site. Thanks Cramkey, Excellent Job.

Vienna

I highly recommend them. They are offering exact questions that we need to prepare our exam.

Jensen Jul 4, 2025

That's great. I think I'll give Cramkey a try next time I take a certification exam. Thanks for the recommendation!

Cody

I used Cramkey Dumps to prepare and a lot of the questions on the exam were exactly what I found in their study materials.

Eric Jul 18, 2025

Really? That's great to hear! I used Cramkey Dumps too and I had the same experience. The questions were almost identical.

Inaaya

Are these Dumps worth buying?

Fraser Jul 26, 2025

Yes, of course, they are necessary to pass the exam. They give you an insight into the types of questions that could come up and help you prepare effectively.

Ella-Rose

Amazing website with excellent Dumps. I passed my exam and secured excellent marks!!!

Alisha Jul 8, 2025

Extremely accurate. They constantly update their materials with the latest exam questions and answers, so you can be confident that what you're studying is up-to-date.

Question 26

A user reports application access issues to the help desk. The help desk reviews the logs for the user:

Questions 26

Which of the following is most likely the reason for the issue?

Options:

The user inadvertently tripped the geoblock rule in NGFW.

A threat actor has compromised the user's account and attempted to log in.

The user is not allowed to access the human resources system outside of business hours.

The user did not attempt to connect from an approved subnet.

Discussion

Question 27

After some employees were caught uploading data to online personal storage accounts, a company becomes concerned about data leaks related to sensitive, internal documentation. Which of the following would the company most likely do to decrease this type of risk?

Options:

Improve firewall rules to avoid access to those platforms.

Implement a cloud-access security broker

Create SIEM rules to raise alerts for access to those platforms

Deploy an internet proxy that filters certain domains