CompTIA CompTIA Certifications CAS-005 Questions & Answers

• Question 21:

  An organization has deployed a cloud-based application that provides virtual event services globally to clients. During a typical event, thousands of users access various entry pages within a short period of time. The entry pages include sponsor-related content that is relatively static and is pulled from a database. When the first major event occurs, users report poor response time on the entry pages. Which of the following features is the most appropriate for the company to implement?

  A. Horizontal scalability

  B. Vertical scalability

  C. Containerization

  D. Static code analysis

  E. Caching

  Correct Answer: E

  Caching is the most appropriate feature for the company to implement in this scenario. Caching involves storing frequently accessed data closer to the user, reducing the need to retrieve data from the original source repeatedly. In the context of the virtual event services application, caching sponsor-related content on the entry pages can significantly improve response times for users. This approach leverages the static nature of the content and reduces the load on the database during peak usage times.

• Question 22:

  company management elects to cancel production. Which of the following risk strategies is the company using in this scenario?

  A. Avoidance

  B. Mitigation

  C. Rejection

  D. Acceptance

  Correct Answer: A

• Question 23:

  Which of the following security features do email signatures provide?

  A. Non-repudiation

  B. Body encryption

  C. Code signing

  D. Sender authentication

  E. Chain of custody

  Correct Answer: AD

• Question 24:

  A company has data it would like to aggregate from its PLCs for data visualization and predictive maintenance purposes. Which of the following is the most likely destination for the tag data from the PLCs?

  A. External drive

  B. Cloud storage

  C. System aggregator

  D. Local historian

  Correct Answer: D

  PLCs (Programmable Logic Controllers) are commonly used in industrial automation to control machinery and processes. They generate a significant amount of data known as tag data, which includes real-time information about variables such as temperatures, pressures, and other operational parameters.

  A local historian is a dedicated software or system component used in industrial automation environments to collect, store, and manage tag data from PLCs. The local historian typically resides on-site or within the industrial network environment. Its primary function is to capture and archive historical data from PLCs at a high frequency, providing insights into the operational history and trends of the industrial processes.

• Question 25:

  A security engineer has learned that terminated employees' accounts are not being disabled. The termination dates are updated automatically in the human resources information system software by the appropriate human resources staff. Which of the following would best reduce risks to the organization?

  A. Exporting reports from the system on a weekly basis to disable terminated employees' accounts

  B. Granting permission to human resources staff to mark terminated employees' accounts as disabled

  C. Configuring allowed login times for all staff to only work during business hours

  D. Automating a process to disable the accounts by integrating Active Directory and human resources information systems

  Correct Answer: D

  Automating the process to disable terminated employees' accounts by integrating Active Directory (or any other authentication system) with the human resources information system (HRIS) is the best approach to reduce risks to the organization. By automating this process, the organization ensures that accounts are disabled promptly and consistently whenever an employee's termination date is updated in the HRIS. This reduces the window of opportunity for terminated employees to retain access to systems and sensitive information after leaving the organization.

• Question 26:

  An organization needs to classify its systems and data in accordance with external requirements. Which of the following roles is best qualified to perform this task?

  A. Systems administrator

  B. Data owner

  C. Data processor

  D. Data custodian

  E. Data steward

  Correct Answer: B

• Question 27:

  A senior cybersecurity engineer is solving a digital certificate issue in which the CA denied certificate issuance due to failed subject identity validation. At which of the following steps within the PKI enrollment process would the denial have occurred?

  A. RA

  B. OCSP

  C. CA

  D. IdP

  Correct Answer: C

  While the CA is responsible for issuing the certificates, it relies on the RA (if one is used) to perform the identity validation. If the RA performs its duties correctly, any failed identity validation would be handled at the RA level, and the CA would not issue the certificate.

• Question 28:

  A security analyst identified a vulnerable and deprecated runtime engine that is supporting a public-facing banking application. The developers anticipate the transition to modern development environments will take at least a month. Which of the following controls would best mitigate the risk without interrupting the service during the transition?

  A. Shutting down the systems until the code is ready

  B. Uninstalling the impacted runtime engine

  C. Selectively blocking traffic on the affected port

  D. Configuring IPS and WAF with signatures

  Correct Answer: C

  Selectively blocking traffic on the affected port strikes a balance between security and operational continuity. It effectively mitigates the risk posed by the vulnerable and deprecated runtime engine while allowing the banking application to remain operational until the transition to a modern development environment is completed. This approach ensures that customer service is maintained without compromising security during the transitional phase.

  While IPS and WAF are valuable security measures, they are not specifically tailored to address the risks associated with a deprecated runtime engine. Configuring IPS and WAF with signatures is more effective for protecting against specific types of attacks but may not comprehensively mitigate the vulnerabilities in the runtime engine itself. Selectively blocking traffic on the affected port directly addresses the immediate risk posed by the deprecated component without introducing potential operational disruptions or incomplete protection scenarios that could arise from relying solely on IPS and WAF.

• Question 29:

  An organization's load balancers have reached end of life and have a vulnerability that will require them to be replaced. The load balancers are scheduled to be decommissioned within the next month. The management team has decided not to resolve this risk and instead allow the load balancers to remain in place until their decommission date. Which of the following risk handling techniques is the management team using?

  A. Avoid

  B. Mitigate

  C. Accept

  D. Transfer

  Correct Answer: C

  The management team is choosing to accept the risk associated with the end-of-life load balancers that have a known vulnerability. Accepting the risk means acknowledging that the vulnerability exists but deciding not to take any further action to mitigate or transfer it. In this case, the organization has made the decision to continue using the load balancers until their scheduled decommission date, despite the known vulnerability. This approach may be taken if the risk is deemed acceptable within the organization's risk tolerance levels, and if other risk handling techniques like mitigation or transfer are not feasible or practical in the given timeframe.

• Question 30:

  A help desk analyst suddenly begins receiving numerous calls from remote employees who state they are unable to connect to the VPN. The employees indicate the VPN client software is warning about an expired certificate. The help desk analyst determines the VPN certificate is valid. Which of the following is the most likely cause of the issue?

  A. The certificate has been compromised and needs to be replaced.

  B. The VPN concentrator is running an old version of code and needs to be upgraded.

  C. The NTP settings on the VPN concentrator are incorrectly configured.

  D. The end users are using outdated VPN client software.

  Correct Answer: C

  The issue described--where remote employees are unable to connect to the VPN due to warnings about an expired certificate despite the certificate being valid--is likely caused by incorrect NTP (Network Time Protocol) settings on the VPN concentrator. NTP is crucial for ensuring that the system clocks across network devices are synchronized with accurate time. Certificates have a validity period defined by start and end dates, and they rely on the system clock to determine whether they are valid or expired. If the system clock on the VPN concentrator is incorrect due to misconfigured NTP settings, the VPN concentrator may mistakenly believe that the certificate has expired when it actually hasn't. This would result in VPN clients displaying warnings about expired certificates and refusing to connect. Therefore, ensuring correct NTP configuration on the VPN concentrator is essential to resolve this issue.