CAS-005 CompTIA Exam Questions and Free Practice Test

Question 13

Which of the following best describes the challenges associated with widespread adoption of homomorphic encryption techniques?

A. Incomplete mathematical primitives

B. No use cases to drive adoption

C. Quantum computers not yet capable

D. insufficient coprocessor support

Correct Answer:D
Homomorphic encryption allows computations to be performed on encrypted data without decrypting it, providing strong privacy guarantees. However, the adoption of homomorphic encryption is challenging due to several factors:
✑ A. Incomplete mathematical primitives: This is not the primary barrier as the
theoretical foundations of homomorphic encryption are well-developed.
✑ B. No use cases to drive adoption: There are several compelling use cases for
homomorphic encryption, especially in privacy-sensitive fields like healthcare and finance.
✑ C. Quantum computers not yet capable: Quantum computing is not directly related
to the challenges of adopting homomorphic encryption.
✑ D. Insufficient coprocessor support: The computational overhead of homomorphic encryption is significant, requiring substantial processing power. Current general- purpose processors are not optimized for the intensive computations required by homomorphic encryption, limiting its practical deployment. Specialized hardware or coprocessors designed to handle these computations more efficiently are not yet widely available.
References:
✑ CompTIA Security+ Study Guide
✑ "Homomorphic Encryption: Applications and Challenges" by Rivest et al.
✑ NIST, "Report on Post-Quantum Cryptography"

Question 14

Users must accept the terms presented in a captive petal when connecting to a guest network. Recently, users have reported that they are unable to access the Internet after joining the network A network engineer observes the following:
• Users should be redirected to the captive portal.
• The Motive portal runs Tl. S 1 2
• Newer browser versions encounter security errors that cannot be bypassed
• Certain websites cause unexpected re directs
Which of the following mow likely explains this behavior?

A. The TLS ciphers supported by the captive portal ate deprecated

B. Employment of the HSTS setting is proliferating rapidly.

C. Allowed traffic rules are causing the NIPS to drop legitimate traffic

D. An attacker is redirecting supplicants to an evil twin WLAN.

Correct Answer:A
The most likely explanation for the issues encountered with the captive portal is that the TLS ciphers supported by the captive portal are deprecated. Here??s why:
✑ TLS Cipher Suites: Modern browsers are continuously updated to support the latest security standards and often drop support for deprecated and insecure cipher suites. If the captive portal uses outdated TLS ciphers, newer browsers may refuse to connect, causing security errors.
✑ HSTS and Browser Security: Browsers with HTTP Strict Transport Security
(HSTS) enabled will not allow connections to sites with weak security configurations. Deprecated TLS ciphers would cause these browsers to block the connection.
✑ References:
By updating the TLS ciphers to modern, supported ones, the security engineer can ensure compatibility with newer browser versions and resolve the connectivity issues reported by users.

Question 15

A central bank implements strict risk mitigations for the hardware supply chain, including an allow list for specific countries of origin. Which of the following best describes the cyberthreat to the bank?

A. Ability to obtain components during wartime

B. Fragility and other availability attacks

C. Physical Implants and tampering

D. Non-conformance to accepted manufacturing standards

Correct Answer:C
The best description of the cyber threat to a central bank implementing strict risk mitigations for the hardware supply chain, including an allow list for specific countries of origin, is the risk of physical implants and tampering. Here??s why:
✑ Supply Chain Security: The supply chain is a critical vector for hardware tampering and physical implants, which can compromise the integrity and security of hardware components before they reach the organization.
✑ Targeted Attacks: Banks and financial institutions are high-value targets, making
them susceptible to sophisticated attacks, including those involving physical implants that can be introduced during manufacturing or shipping processes.
✑ Strict Mitigations: Implementing an allow list for specific countries aims to mitigate
the risk of supply chain attacks by limiting the sources of hardware. However, the primary concern remains the introduction of malicious components through tampering.
✑ References:

Question 16

Developers have been creating and managing cryptographic material on their personal laptops fix use in production environment. A security engineer needs to initiate a more secure process. Which of the following is the best strategy for the engineer to use?

A. Disabling the BIOS and moving to UEFI

B. Managing secrets on the vTPM hardware

C. Employing shielding lo prevent LMI

D. Managing key material on a HSM

Correct Answer:D
The best strategy for securely managing cryptographic material is to use a Hardware Security Module (HSM). Here??s why:
✑ Security and Integrity: HSMs are specialized hardware devices designed to protect and manage digital keys. They provide high levels of physical and logical security, ensuring that cryptographic material is well protected against tampering and unauthorized access.
✑ Centralized Key Management: Using HSMs allows for centralized management of cryptographic keys, reducing the risks associated with decentralized and potentially insecure key storage practices, such as on personal laptops.
✑ Compliance and Best Practices: HSMs comply with various industry standards and regulations (such as FIPS 140-2) for secure key management. This ensures that the organization adheres to best practices and meets compliance requirements.
✑ References:

Question 17

A systems administrator wants to reduce the number of failed patch deployments in an organization. The administrator discovers that system owners modify systems or applications in an ad hoc manner. Which of the following is the best way to reduce the number of failed patch deployments?

A. Compliance tracking

B. Situational awareness

C. Change management

D. Quality assurance

Correct Answer:C
To reduce the number of failed patch deployments, the systems administrator should implement a robust change management process. Change management ensures that all modifications to systems or applications are planned, tested, and approved before deployment. This systematic approach reduces the risk of unplanned changes that can cause patch failures and ensures that patches are deployed in a controlled and predictable manner.
References:
✑ CompTIA SecurityX Study Guide: Emphasizes the importance of change management in maintaining system integrity and ensuring successful patch deployments.
✑ ITIL (Information Technology Infrastructure Library) Framework: Provides best practices for change management in IT services.
✑ "The Phoenix Project" by Gene Kim, Kevin Behr, and George Spafford: Discusses the critical role of change management in IT operations and its impact on system stability and reliability.

Question 18

After remote desktop capabilities were deployed in the environment, various vulnerabilities were noticed.
• Exfiltration of intellectual property
• Unencrypted files
• Weak user passwords
Which of the following is the best way to mitigate these vulnerabilities? (Select two).

A. Implementing data loss prevention

B. Deploying file integrity monitoring

C. Restricting access to critical file services only

D. Deploying directory-based group policies

E. Enabling modem authentication that supports MFA

F. Implementing a version control system

G. Implementing a CMDB platform

Correct Answer:AE
To mitigate the identified vulnerabilities, the following solutions are most appropriate:
✑ A. Implementing data loss prevention (DLP): DLP solutions help prevent the
unauthorized transfer of data outside the organization. This directly addresses the exfiltration of intellectual property by monitoring, detecting, and blocking sensitive data transfers.
✑ E. Enabling modern authentication that supports Multi-Factor Authentication
(MFA): This significantly enhances security by requiring additional verification methods beyond just passwords. It addresses the issue of weak user passwords by making it much harder for unauthorized users to gain access, even if they obtain the password.
Other options, while useful in specific contexts, do not address all the vulnerabilities mentioned:
✑ B. Deploying file integrity monitoring helps detect changes to files but does not
prevent data exfiltration or address weak passwords.
✑ C. Restricting access to critical file services improves security but is not comprehensive enough to mitigate all identified vulnerabilities.
✑ D. Deploying directory-based group policies can enforce security policies but might not directly prevent data exfiltration or ensure strong authentication.
✑ F. Implementing a version control system helps manage changes to files but is not a security measure for preventing the identified vulnerabilities.
✑ G. Implementing a CMDB platform (Configuration Management Database) helps manage IT assets but does not address the specific security issues mentioned.
References:
✑ CompTIA Security+ Study Guide
✑ NIST SP 800-53 Rev. 5, "Security and Privacy Controls for Information Systems and Organizations"
✑ CIS Controls, "Control 13: Data Protection" and "Control 16: Account Monitoring and Control"

START CAS-005 EXAM