CompTIA SecurityX Sample Questions for CAS-005 Exam Preparation

  • CertiMaan
  • Oct 24
  • 7 min read

Boost your cybersecurity certification journey with this curated set of CompTIA SecurityX sample questions crafted for the CAS-005 exam. These expert-designed practice questions simulate real-world security challenges across domains like enterprise security architecture, risk management, cryptography, and incident response. Perfect for experienced IT professionals aiming to validate their advanced security skills, this guide includes SecurityX dumps, mock exams, and scenario-based exercises to build practical knowledge and exam confidence. Prepare for CompTIA’s toughest security exam with our trusted resource and ensure your readiness to tackle the CAS-005 with success.



CompTIA SecurityX Sample Questions List:


1. A security engineer is assessing a new tool to segment data and communications between domains. The assessment must determine how data transmission controls can be bypassed without detection. Which of the following techniques should the security engineer use?

  1. Machine-learning statistical analysis

  2. Fuzz testing

  3. Covert channel analysis

  4. Protocol analysis

2. A global organization is reviewing potential vendors to outsource a critical payroll function. Each vendor's plan includes using local resources in multiple regions to ensure compliance with all regulations. The organization's Chief Information Security Officer is conducting a risk assessment on the potential outsourcing vendors' subprocessors. Which of the following best explains the need for this risk assessment?

  1. Risk mitigations must be more comprehensive than the existing payroll provider

  2. Due care must be exercised during all procurement activities

  3. The responsibility of protecting PII remains with the organization

  4. Specific regulatory requirements must be met in each jurisdiction

3. An organization wants to implement a platform to better identify which specific assets are affected by a given vulnerability. Which of the following components provides the best foundation to achieve this goal?

  1. SASE

  2. CMDB

  3. SBoM

  4. SIEM

4. A company hired a third-party consultant to run a cybersecurity incident simulation in order to identify security gaps and prepare stakeholders for a potential incident. Which of the following best describes this activity?

  1. Tabletop exercise

  2. Walk-through review

  3. Lessons learned

  4. Business impact analysis

5. A company is rewriting a vulnerable application and adding the mprotect() system call in multiple parts of the application's code that was being leveraged by a recent exploitation tool. Which of the following should be enabled to ensure the application can leverage the new system call against similar attacks in the future?

  1. TPM

  2. Secure boot

  3. NX bit

  4. HSM

6. A systems administrator at a web-hosting provider has been tasked with renewing the public certificates of all customer sites. Which of the following would best support multiple domain names while minimizing the amount of certificates needed?

  1. OCSP

  2. CRL

  3. SAN

  4. CA

7. Which of the following best describes a risk associated with using facial recognition to locally authenticate to a mobile device?

  1. Data remanence

  2. Deepfake

  3. Metadata scraping

  4. Biometric impersonation

8. A security team receives alerts regarding impossible travel and possible brute-force attacks after normal business hours. After reviewing more logs, the team determines that specific users were targeted and attempts were made to transfer data to an unknown site. Which of the following should the team do to help mitigate these issues?

  1. Create a firewall rule to prevent those users from accessing sensitive data

  2. Restrict uploading activity to only authorized sites

  3. Enable packet captures to continue to run for the source and destination related to the file transfer

  4. Disable login activity for those users after business hours

9. A security researcher tells a company that one of its solutions is vulnerable to buffer overflow, leading to malicious code execution. Which of the following is the best way to avoid this vulnerability in future versions?

  1. Testing for CSRF vulnerabilities before the application goes to production

  2. Using SAST tools to find vulnerabilities as part of the pipeline

  3. Implementing canary protection in an earlier life-cycle stage

  4. Implementing pair programming to improve development capabilities

10. A security architect recommends replacing the company's monolithic software application with a containerized solution. Historically, secrets have been stored in the application's configuration files. Which of the following changes should the security architect make in the new system?

  1. Use a secrets management tool

  2. Save secrets in key escrow

  3. Store the secrets inside the Dockerfiles

  4. Run all Dockerfiles in a randomized namespace

11. A security administrator is setting up a virtualization solution that needs to run services from a single host. Each service should be the only one running in its environment. Each environment needs to have its own operating system as a base but share the kernel version and properties of the running host. Which of the following technologies would best meet these requirements?

  1. Containers

  2. Type 1 hypervisor

  3. Type 2 hypervisor

  4. Virtual desktop infrastructure

  5. Emulation

12. Users are experiencing a variety of issues when trying to access corporate resources. Examples include:

  • Connectivity issues between local computers and file servers between branch offices
  • Inability to download corporate applications on mobile endpoints while working remotely
  • Certificate errors when accessing internal web applications

Which of the following actions are the most relevant when troubleshooting the reported issues? (Choose two.)

  1. Review VPN throughput

  2. Check IDS rules

  3. Restore static content on the CDN

  4. Enable secure authentication using NAC

  5. Implement advanced WAF rules

  6. Validate MDM asset compliance

13. A financial technology firm works collaboratively with business partners in the industry to share threat intelligence within a central platform. This collaboration gives partner organizations the ability to obtain and share data associated with emerging threats from a variety of adversaries. Which of the following should the organization most likely leverage to facilitate this activity? (Choose two.)

  1. CWPP

  2. YARA

  3. ATT&CK

  4. STIX

  5. TAXII

  6. JTAG

14. An ISAC supplied recent threat intelligence information about pictures used on social media that provide reconnaissance of systems in use in secure facilities. In response, the Chief Information Security Officer (CISO) wants several configuration changes implemented via the MDM to ensure the following:

  • Camera functions and location services are blocked for corporate mobile devices.
  • All social media is blocked on the corporate and guest wireless networks.

Which of the following is the CISO practicing to safeguard against the threat?

  1. Adversary emulation

  2. Operational security

  3. Open-source intelligence

  4. Social engineering

15. A security analyst received the following finding from a cloud security assessment tool: "Virtual Machine Data Disk is encrypted with the default encryption key." Because the organization hosts highly sensitive data files, regulations dictate it must be encrypted so it is unreadable to the CSP. Which of the following should be implemented to remediate the finding and meet the regulatory requirement? (Choose two.)

  1. Disk encryption with customer-provided keys

  2. Disk encryption with keys from a third party

  3. Row-level encryption with a key escrow

  4. File-level encryption with cloud vendor-provided keys

  5. File-level encryption with customer-provided keys

  6. Disk-level encryption with a cross-signed certificate

16. A retail organization wants to properly test and verify its capabilities to detect and/or prevent specific TTPs as mapped to the MITRE ATT&CK framework specific to APTs. Which of the following should be used by the organization to accomplish this goal?

  1. Tabletop exercise

  2. Penetration test

  3. Sandbox detonation

  4. Honeypot

17. A developer needs to improve the cryptographic strength of a password-storage component in a web application without completely replacing the crypto-module. Which of the following is the most appropriate technique?

  1. Key splitting

  2. Key escrow

  3. Key rotation

  4. Key encryption

  5. Key stretching

18. Several unlabeled documents in a cloud document repository contain cardholder information. Which of the following configuration changes should be made to the DLP system to correctly label these documents in the future?

  1. Digital rights management

  2. Network traffic decryption

  3. Regular expressions

  4. Watermarking

19. A security engineer needs to ensure production containers are automatically scanned for vulnerabilities before they are accepted into the production environment. Which of the following should the engineer use to automatically incorporate vulnerability scanning on every commit?

  1. Code repository

  2. CI/CD pipeline

  3. Integrated development environment

  4. Container orchestrator

20. While performing mandatory monthly patch updates on a production application server, the security analyst reports an instance of buffer overflow for a new application that was migrated to the cloud and is also publicly exposed. Security policy requires that only internal users have access to the application. Which of the following should the analyst implement to mitigate the issues reported? (Choose two.)

  1. Configure firewall rules to block all external traffic

  2. Enable input validation for all fields

  3. Enable automatic updates to be installed on all servers

  4. Configure the security group to enable external traffic

  5. Set up a DLP policy to alert for exfiltration on all application servers

  6. Enable nightly vulnerability scans

21. During an adversarial simulation exercise, an external team was able to gain access to sensitive information and systems without the organization detecting this activity. Which of the following mitigation strategies should the organization use to best resolve the findings?

  1. Configuring a honeypot for adversary characterization

  2. Leveraging simulators for attackers

  3. Setting up a honey network for attackers

  4. Utilizing decoy accounts and documents

22. Which of the following best describes the challenges associated with widespread adoption of homomorphic encryption techniques?

  1. Incomplete mathematical primitives

  2. No use cases to drive adoption

  3. Quantum computers not yet capable

  4. Insufficient coprocessor support

23. Two companies that recently merged would like to unify application access between the companies, without initially merging internal authentication stores. Which of the following technical strategies would best meet this objective?

  1. Federation

  2. RADIUS

  3. TACACS+

  4. MFA

  5. ABAC

24. A company is developing an application that will be used to perform e-commerce transactions for a subscription-based service. The application must be able to use previously saved payment methods to perform recurring transactions. Which of the following is the most appropriate?

  1. Tokenization through an HSM

  2. Self-encrypting disks with field-level encryption

  3. NX/XN implementation to minimize data retention

  4. Token-based access for application users

  5. Address space layout randomization

25. An organization needs to classify its systems and data in accordance with external requirements. Which of the following roles is best qualified to perform this task?

  1. Systems administrator

  2. Data owner

  3. Data processor

  4. Data custodian

  5. Data steward


FAQs


1. What is the CompTIA CASP+ CAS-005 certification exam?

The CompTIA CASP+ CAS-005 is an advanced-level certification that validates enterprise security skills for designing, implementing, and managing cybersecurity solutions.

2. How do I become CompTIA CASP+ CAS-005 certified?

To earn the certification, register for and pass the CAS-005 exam, which tests your technical skills in enterprise security architecture, risk management, and incident response.

3. What are the prerequisites for the CompTIA CASP+ CAS-005 exam?

There are no mandatory prerequisites, but CompTIA recommends Security+ certification and at least 10 years of IT experience (with 5 years in security).

4. How much does the CompTIA CASP+ CAS-005 certification cost?

The exam costs approximately $494 USD, though it may vary by location.

5. How many questions are in the CompTIA CASP+ CAS-005 exam?

The exam includes up to 90 performance-based and multiple-choice questions.

6. What topics are covered in the CompTIA CASP+ CAS-005 exam?

It covers enterprise security, risk analysis, architecture, integration, and technical research.

7. How difficult is the CompTIA CASP+ CAS-005 certification exam?

It’s an expert-level exam that requires a deep understanding of complex cybersecurity principles and hands-on problem-solving.

8. How long does it take to prepare for the CompTIA CASP+ CAS-005 exam?

Most professionals take 10–14 weeks of study and practice to prepare thoroughly.

9. What jobs can I get after earning the CompTIA CASP+ CAS-005 certification?

You can work as a Security Architect, Senior Security Engineer, SOC Manager, or Technical Lead Analyst.

10. How much salary can I earn with a CompTIA CASP+ CAS-005 certification?

Professionals typically earn between $110,000–$140,000 annually, depending on experience and job role.

