CA1-005 Practice Exam — 115 Free CompTIA Questions

Join Us Among the Stars

Sign Up & unlock 100% of Exam Questions

Log in / Sign up

No Strings Attached!

115Practice Questions

3Study Modes

Free

TopicSort

Question 1

Security Engineering

A security administrator is performing a gap assessment against a specific OS benchmark. The benchmark requires the following configurations be applied to endpoints:
• Full disk encryption
• Host-based firewall
• Time synchronization
• Password policies
• Application allow listing
• Zero Trust application access
Which of the following solutions best addresses the requirements? (Choose two.)

A MDM
B CASB
C SBoM
D SCAP
E SASE
F HIDS

Question 2

Security Operations

Question 3

Security Architecture

Question 4

Security Engineering

Question 5

Security Engineering

Question 6

Security Operations

Question 7

Governance, Risk, and Compliance

Question 8

Governance, Risk, and Compliance

Question 9

Security Engineering

Question 10

Security Architecture

Question 11

Security Operations

Question 12

Security Operations

Question 13

Security Architecture

Question 14

Security Engineering

Question 15

Governance, Risk, and Compliance

Question 16

Security Operations

Question 17

Security Operations

Question 18

Security Operations

Question 19

Security Operations

Question 20

Governance, Risk, and Compliance

Question 21

Security Operations

Question 22

Security Operations

Question 23

Security Engineering

Question 24

Governance, Risk, and Compliance

Question 25

Security Engineering

Page 1 of 5 • Questions 1-25 of 115

1 2 3 4 5

→

Know a question that should be here? Contribute to this exam

A financial technology firm works collaboratively with business partners in the industry to share threat intelligence within a central platform. This collaboration gives partner organizations the ability to obtain and share data associated with emerging threats from a variety of adversaries. Which of the following should the organization most likely leverage to facilitate this activity? (Choose two.)

A CWPP
B YARA
C ATT&CK
D STIX
E TAXII
F JTAG

A company plans to implement a research facility with intellectual property data that should be protected. The following is the security diagram proposed by the security architect:

Question Image

Which of the following security architect models is illustrated by the diagram?

A Identity and access management model
B Agent-based security model
C Perimeter protection security model
D Zero Trust security model

During a gap assessment, an organization notes that BYOD usage is a significant risk. The organization implemented administrative policies prohibiting BYOD usage. However, the organization has not implemented technical controls to prevent the unauthorized use of BYOD assets when accessing the organization's resources. Which of the following solutions should the organization implement to best reduce the risk of BYOD devices? (Choose two.)

A Cloud IAM, to enforce the use of token-based MFA
B Conditional access, to enforce user-to-device binding
C NAC, to enforce device configuration requirements
D PAM, to enforce local password policies
E SD-WAN, to enforce web content filtering through external proxies
F DLP, to enforce data protection capabilities

A systems administrator needs to address risks associated with corporate brand impersonation via email. The systems administrator wants a method that permits recipient servers to validate the source authenticity of emails received. Which of the following is the most appropriate?

A SPF
B DKIM
C S/MIME
D DMARC

Question 6

Security Operations

Question 7

Governance, Risk, and Compliance

Question 8

Governance, Risk, and Compliance

Question 9

Security Engineering

Question 10

Security Architecture

Question 11

Security Operations

Question 12

Security Operations

Question 13

Security Architecture

Question 14

Security Engineering

Question 15

Governance, Risk, and Compliance

Question 16

Security Operations

Question 17

Security Operations

Question 18

Security Operations

Question 19

Security Operations

Question 20

Governance, Risk, and Compliance

Question 21

Security Operations

Question 22

Security Operations

Question 23

Security Engineering

Question 24

Governance, Risk, and Compliance

Question 25

Security Engineering

A security analyst is reviewing the following log:

Question Image

Which of the following possible events should the security analyst investigate further?

A A macro that was prevented from running
B A text file containing passwords that were leaked
C A malicious file that was run in this environment
D A PDF that exposed sensitive information improperly

A global organization is reviewing potential vendors to outsource a critical payroll function. Each vendor's plan includes using local resources in multiple regions to ensure compliance with all regulations. The organization's Chief Information Security Officer is conducting a risk assessment on the potential outsourcing vendors' subprocessors. Which of the following best explains the need for this risk assessment?

A Risk mitigations must be more comprehensive than the existing payroll provider.
B Due care must be exercised during all procurement activities.
C The responsibility of protecting PII remains with the organization.
D Specific regulatory requirements must be met in each jurisdiction.

A manufacturing plant is updating its IT services. During discussions, the senior management team created the following list of considerations:
• Staff turnover is high and seasonal.
• Extreme conditions often damage endpoints.
• Losses from downtime must be minimized.
• Regulatory data retention requirements exist.
Which of the following best addresses the considerations?

A Establishing further environmental controls to limit equipment damage
B Using a non-persistent virtual desktop interface with thin clients
C Deploying redundant file servers and configuring database journaling
D Maintaining an inventory of spare endpoints for rapid deployment

A company runs a DAST scan on a web application. The tool outputs the following recommendations:
• Use Cookie prefixes.
• Content Security Policy - SameSite=strict is not set.
Which of the following vulnerabilities has the tool identified?

A RCE
B XSS
C CSRF
D TOCTOU

After a company discovered a zero-day vulnerability in its VPN solution, the company plans to deploy cloud-hosted resources to replace its current on-premises systems. An engineer must find an appropriate solution to facilitate trusted connectivity. Which of the following capabilities is the most relevant?

A Container orchestration
B Microsegmentation
C Conditional access
D Secure access service edge

A security analyst wants to use lessons learned from a prior incident response to reduce dwell time in the future. The analyst is using the following data points:

Question Image

Which of the following would the analyst most likely recommend?

A Adjusting the SIEM to alert on attempts to visit phishing sites
B Allowing TRACE method traffic to enable better log correlation
C Enabling alerting on all suspicious administrator behavior
D Utilizing allow lists on the WAF for all users using GET methods

An organization recently implemented a policy that requires all passwords to be rotated every 90 days. An administrator sees a large volume of failed sign-on logs from multiple servers that are often accessed by users. The administrator determines users are disconnecting from the RDP session but not logging off. Which of the following should the administrator do to prevent account lockouts?

A Increase the account lockout threshold.
B Enforce password complexity.
C Force daily reboots.
D Extend the allowed session length.

SIMULATION -
You are tasked with integrating a new B2B client application with an existing OAuth workflow that must meet the following requirements:
• The application does not need to know the users' credentials.
• An approval interaction between the users and the HTTP service must be orchestrated.
• The application must have limited access to users' data.

INSTRUCTIONS -
Use the drop-down menus to select the action items for the appropriate locations. All placeholders must be filled.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Question Image

A security analyst is reviewing the following code in the public repository for potential risk concerns:

Question Image

Which of the following should the security analyst recommend first to remediate the vulnerability?

A Developing role-based security awareness training
B Revoking the secret used in the solution
C Purging code from public view
D Scanning the application with SAST

The material findings from a recent compliance audit indicate a company has an issue with excessive permissions. The findings show that employees changing roles or departments results in privilege creep. Which of the following solutions are the best ways to mitigate this issue? (Choose two.)

A Setting different access controls defined by business area
B Implementing a role-based access policy
C Designing a least-needed privilege policy
D Establishing a mandatory vacation policy
E Performing periodic access reviews
F Requiring periodic job rotation

During a recent assessment, a security analyst observed the following:

Question Image

Which of the following should the analyst use to address the vulnerabilities in the future?

A System image hardening
B Least privilege
C Defense in depth
D OS update

During a recent audit, a company's systems were assessed. Given the following information:

Question Image

Which of the following is the best way to reduce the attack surface?

A Deploying an EDR solution to all impacted machines in manufacturing
B Segmenting the manufacturing network with a firewall and placing the rules in monitor mode
C Setting up an IDS inline to monitor and detect any threats to the software
D Implementing an application-aware firewall and writing strict rules for the application access

A company implemented a new NAC solution based on 802.1X. However, the IT support team notices that some devices are not being enrolled in the new policies, causing access disruptions for key users. Which of the following solutions will most likely solve this issue and prevent reoccurrence?

A Include the monitoring agent and digital certificate as part of the patching/updating program, keeping all the corporate devices updated and enrolled.
B Check whether the certificate is signed by a certification authority and manually deployed to each device.
C Check all the devices without proper access, enrolling them via the solution agent and authenticating to the network.
D Implement default credentials to automate RADIUS authentication and grant access to the network if the device owner is an employee.

The security team is receiving escalated support tickets stating that one of the company's publicly available websites is not loading as expected. Given the following observations:

Question Image

Which of the following is most likely the root cause?

A A certificate signed by a global root certification authority has expired.
B A protocol mismatch error is expected to occur when using outdated browsers.
C One certificate is being bound to multiple websites on the same server.
D Subject alternative names were not used appropriately for subdomains.

An organization's load balancers have reached EOL and are scheduled to be replaced. The organization identified a new, critical vulnerability that affects an unused function of the load balancers. Which of the following are the best ways to address the risk to the organization? (Choose two.)

A Request a risk acceptance for the vulnerability indefinitely.
B Request a risk acceptance for the vulnerability for 90 days.
C Exclude the devices from vulnerability scans.
D Do not allow any network traffic to or from the hardware.
E Disable the vulnerable service.
F Immediately decommission the hardware.

After an increase in adversarial activity, a company wants to implement security measures to mitigate the risk of a threat actor using compromised accounts to mask unauthorized activity. Which of the following is the best way to mitigate the issue?

A Web application firewall
B Threat intelligence platforms
C User and entity behavior analytics
D Reverse engineering

A security engineer receives an alert from the SIEM platform indicating a possible malicious action on the internal network. The engineer generates a report that outputs the logs associated with the incident:

Question Image

Which of the following actions best enables the engineer to investigate further?

A Consulting logs from the enterprise password manager
B Searching dark web monitoring resources for exposure
C Reviewing audit logs from privileged actions
D Querying user behavior analytics data

Which of the following best describes the advantage of homomorphic encryption when compared to other encryption methodologies?

A The need for a pre-shared key is removed.
B Resource utilization is lower.
C Support for field-specific tokenization is added.
D Data integrity is protected by advanced hashing routines.

A compliance officer is reviewing the data sovereignty laws in several countries where the organization has no presence. Which of the following is the most likely reason for reviewing these laws?

A The organization is performing due diligence of potential tax issues.
B The organization has been subject to legal proceedings in countries where it has a presence.
C The organization is concerned with new regulatory enforcement in other countries.
D The organization has suffered brand reputation damage from incorrect media coverage.

An organization receives OSINT reports about an increase in ransomware targeting fileshares at peer companies. The organization wants to deploy hardening policies to its servers and workstations in order to contain potential ransomware. Which of the following should an engineer do to best achieve this goal?

A Allow only interactive log-in for users on workstations and restrict port 445 traffic to fileshares.
B Enable biometric authentication mechanisms on user workstations and block port 53 traffic.
C Instruct users to use a password manager when generating new credentials and secure port 443 traffic.
D Give users permission to rotate administrator passwords and deny port 80 traffic.

Join Us Among the Stars

CA1-005Preview

About the CA1-005 Exam

Mode Selection

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

Question 13

Question 14

Question 15

Question 16

Question 17

Question 18

Question 19

Question 20

Question 21

Question 22

Question 23

Question 24

Question 25

Question 6

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

Question 13

Question 14

Question 15

Question 16

Question 17

Question 18

Question 19

Question 20

Question 21

Question 22

Question 23

Question 24

Question 25