A Chief Information Security Officer is concerned about the security of the code used in the company's web applications. It is important to get the review right the first time, and the company is willing to use a tool that allows developers to validate code as it is written. Which of the following methods should the company use?
A. SAST
B. DAST
C. Fuzz testing
D. Intercepting proxy
A security architect examines a section of code and discovers the following:
char username[20];
char password[20];
gets(username);
checkUserExists(username);
Which of the following changes should the security architect require before approving the code for release?
A. Allow only alphanumeric characters for the username.
B. Make the password variable longer to support more secure passwords.
C. Prevent more than 20 characters from being entered.
D. Add a password parameter to the checkUserExists function.
A software developer has been tasked with creating a unique threat detection mechanism that is based on machine learning. The information system for which the tool is being developed is on a rapid CI/CD pipeline, and the tool developer is considered a supplier to the process. Which of the following presents the most risk to the development life cycle and to the ability to deliver the security tool on time?
A. Deep learning language barriers
B. Big Data processing required for maturity
C. Secure, multiparty computation requirements
D. Computing capabilities available to the developer
A Chief Information Security Officer (CISO) received a call from the Chief Executive Officer (CEO) about a data breach reported by the SOC lead around 9:00 a.m. At 10:00 a.m., the CEO informs the CISO that a breach of the firm is being reported on national news. Upon investigation, it is determined that a network administrator had reached out to a vendor prior to the breach for information on a security patch that failed to be installed. Which of the following should the CISO do to prevent this from happening again?
A. Properly triage events based on brand imaging and ensure the CEO is on the call roster.
B. Create an effective communication plan and socialize it with all employees.
C. Send out a press release denying the breach until more information can be obtained.
D. Implement a more robust vulnerability identification process.
Before launching a new web application, an organization would like to perform security testing. Which of the following resources should the organization use to determine the objectives for the test?
A. CASB
B. SOAR
C. OWASP
D. ISAC
A security team is creating tickets to track the progress of remediation. Which of the following is used to specify the due dates for high- and critical-priority findings?
A. MSA
B. SLA
C. ISA
D. MOU
The IT team suggests the company would save money by using self-signed certificates, but the security team indicates the company must use digitally signed third-party certificates. Which of the following is a valid reason to pursue the security team's recommendation?
A. PKCS #10 is still preferred over PKCS #12.
B. Private-key CSR signage prevents on-path interception.
C. There is more control in using a local certificate over a third-party certificate.
D. There is minimal benefit in using a certificate revocation list.
Which of the following provides the best solution for organizations that want to securely back up the MFA seeds for their employees in a central, offline location with minimal management overhead?
A. Key escrow service
B. Secrets management
C. Encrypted database
D. Hardware security module
An internal security audit determines that Telnet is currently being used within the environment to manage network switches. Which of the following tools should be utilized to identify credentials in plaintext that are used to log in to these devices?
A. Fuzzer
B. Network traffic analyzer
C. HTTP interceptor
D. Port scanner
E. Password cracker
A security researcher identified the following messages while testing a web application:
/file/admin/myprofile.php ERROR file does not exist.
/file/admin/userinfo.php ERROR file does not exist.
/file/admin/adminprofile.php ERROR file does not exist.
/file/admin/admininfo.php ERROR file does not exist.
/file/admin/universalprofile.php ERROR file does not exist.
/file/admin/universalinfo.php ERROR file does not exist.
/file/admin/restrictedprofile.php ACCESS is denied.
/file/admin/restrictedinfo.php ERROR file does not exist.
Which of the following should the researcher recommend to remediate the issue?
A. Software composition analysis
B. Packet inspection
C. Proper error handling
D. Elimination of the use of unsafe functions