CAS-005 Exam Dumps - CompTIA SecurityX Questions and Answers

Code Snippet 1

Vulnerability 1: SQL injection

SQL injection is a type of attack that exploits a vulnerability in the code that interacts with a database. An attacker can inject malicious SQL commands into the input fields, such as username or password, and execute them on the database server. This can result in data theft, data corruption, or unauthorized access.

Fix 1: Perform input sanitization of the userid field.

Input sanitization is a technique that prevents SQL injection byvalidating and filtering the user input values before passing them to the database. The input sanitization should remove any special characters, such as quotes, semicolons, or dashes, that can alter the intended SQL query. Alternatively, the input sanitization can use a whitelist of allowed values and reject any other values.

Code Snippet 2

Vulnerability 2: Cross-site request forgery

Cross-site request forgery (CSRF) is a type of attack that exploits a vulnerability in the code that handles web requests. An attacker can trick a user into sending a malicious web request to a server that performs an action on behalf of the user, such as changing their password, transferring funds, or deleting data. This can result in unauthorized actions, data loss, or account compromise.

Fix 2: Implement anti-forgery tokens.

Anti-forgery tokens are techniques that prevent CSRF by adding a unique and secret value to each web request that is generated by the server and verified by the server before performing the action. The anti-forgery token should be different for each user and each session, and should not be predictable or reusable by an attacker. This way, only legitimate web requests from the user’s browser can be accepted by the server.

Understanding the Ransomware Issue:

The key issue here is thatbackups were not recoverable within the required RPO timeframe.

This means the organizationdid not properly testitsbackup and disaster recovery (DR) processes.

To prevent this from happening again, regular disaster recovery testing is essential.

Why Option C is Correct:

Disaster recovery testing ensures that backups are functionaland can meetbusiness continuity needs.

Frequent DR testingallows organizations to identify and fixgaps in recovery strategies.

Regular testing ensuresthat recoverymeets the RPO & RTO (Recovery Time Objective) requirements.

Why Other Options Are Incorrect:

A (Encrypt & label backup tapes):While encryption is important, it does not address thefailure to meet RPO requirements.

B (Reverting to manual business processes):While amanual continuity planis good for resilience, it doesnot resolve the backup and recovery failure.

D (Tabletop exercise & RACI matrix):Atabletop exerciseis a planning activity, butit does not involve actual recovery testing.

When using AI to fully automate the process of deciding client loan rates, the primary concern from a privacy perspective is model explainability.

Why Model Explainability is Critical:

Transparency: It ensures that the decision-making process of the AI model can be understood and explained to stakeholders, including clients.

Accountability: Helps in identifying biases and errors in the model, ensuring that the AI is making fair and unbiased decisions.

Regulatory Compliance: Various regulations require that decisions, especially those affecting individuals' financial status, can be explained and justified.

Trust: Builds trust among users and stakeholders by demonstrating that the AI decisions are transparent and justifiable.

Other options, such ascredential theft, prompt injections, and social engineering, are significant concerns but do not directly address the privacy and fairness implications of automated decision-making.

Segmentationis the best option to ensure the security of legacy badge readers that cannot be upgraded. Segmentation isolates the legacy devices on a separate network segment to minimize their exposure to potential threats. This approach reduces the attack surface by preventing unauthorized access from other parts of the network while still allowing necessary connectivity to the enterprise resource planning (ERP) system.

Vulnerability scans (B)are useful for identifying weaknesses but do not actively protect the badge readers.

Anti-malware (C)is ineffective since the badge readers use a legacy platform that likely does not support modern endpoint protection solutions.

Step-by-Step Explanation:

Runtime Application Self-Protection (RASP) (A)monitors and protects applications in real time by detecting and blocking attacks as they occur. Unlike traditional security solutions, RASP is integrated into the application itself, meaning it works regardless of the programming language used. It effectively mitigates common vulnerabilities such as SQL injection, XSS, and buffer overflows.

Dynamic Application Security Testing (DAST) (C) is a passive scanning approach that may not prevent attacks in real-time, while Network Intrusion PreventionSystems (NIPS) (D) focuses on network traffic, not application-layer security.

Incident response follows a standard process (e.g., NIST 800-61): Preparation, Identification, Containment, Eradication, Recovery, Lessons Learned. After identifying the attack (file and origin), the next step isContainment—limiting the spread or impact (e.g., isolating systems) before remediation or recovery.

Option A:Remediation (fixing the root cause) follows containment.

Option B:Correct—containment prevents further damage post-identification.

Option C:“Response” is too vague; it encompasses all steps.

Option D:Recovery (restoring systems) comes after containment and eradication.

Step by Step Explanation:

Understanding the Scenario: The organization wants a strict application control policy: deny all software execution by default and only allow specifically authorized applications. This must be enforced across all operating systems. It is implied that they mean an Allow list, but Block List is the only reasonable answer.

Analyzing the Answer Choices:

A. SELinux (Security-Enhanced Linux): SELinux is a security module for the Linux kernel that provides Mandatory Access Control (MAC). While it can enforce application control, it's specific to Linux and doesn't meet the "regardless of OS" requirement.

To mitigate the issue of excessive permissions and privilege creep, the best solutions are:

Implementing a Role-Based Access Policy:

Role-Based Access Control (RBAC): This policy ensures that access permissions are granted based on the user's role within the organization, aligning with the principle of least privilege. Users are only granted access necessary for their role, reducing the risk of excessive permissions.

Theregulated lab environment (Yes)shares the same VLAN (10.2.0.0/22) withusers, creatingzone traversalrisk from unregulated zones to sensitive datanetworks.

This allows pivoting and lateral movement from non-regulated user devices into regulated lab environments — a classiczone boundary violation.

Zone traversal should be mitigated with segmentation and firewall enforcement.

FromCAS-005, Domain 2: Risk Management and Mitigation Strategies:

“Zone traversal occurs when segmentation boundaries are misconfigured or merged, leading to regulatory and risk compliance failures.”

The most likely cause of the anti-malware alerts on customer workstations is unsecure bundled libraries. When developing and deploying new applications, it is common for developers to use third-party libraries. If these libraries are not properly vetted for security, they can introduce vulnerabilities or malicious code.

Why Unsecure Bundled Libraries?

Third-Party Risks: Using libraries that are not secure can lead to malware infections if the libraries contain malicious code or vulnerabilities.

Code Dependencies: Libraries may have dependencies that are not secure, leading to potential security risks.

Common Issue: This is a frequent issue in software development where libraries are used for convenience but not properly vetted for security.

Other options, while relevant, are less likely to cause widespread anti-malware alerts:

A. Misconfigured code commit: Could lead to issues but less likely to trigger anti-malware alerts.

C. Invalid code signing certificate: Would lead to trust issues but not typically anti-malware alerts.

D. Data leakage: Relevant for privacy concerns but not directly related to anti-malware alerts.