CompTIA CA1-005 - CompTIA SecurityX Exam
Page: 1  / 23
							Total 115 questions
						
								Question #1 (Topic: Exam A)
								
							
							
																A company plans to implement a research facility with intellectual property data that should be protected. The following is the security diagram proposed by the security architect:

Which of the following security architect models is illustrated by the diagram?
																										
							
						
Which of the following security architect models is illustrated by the diagram?
 A. Identity and access management model 
 B. Agent-based security model 
 C. Perimeter protection security model 
 D. Zero Trust security model 
								
								
									Answer: D
								
								
								Question #2 (Topic: Exam A)
								
							
							
																A financial technology firm works collaboratively with business partners in the industry to share threat intelligence within a central platform. This collaboration gives partner organizations the ability to obtain and share data associated with emerging threats from a variety of adversaries. Which of the following should the organization most likely leverage to facilitate this activity? (Choose two.)
								
																										
							
						
 A. CWPP 
 B. YARA 
 C. ATT&CK 
 D. STIX 
 E. TAXII 
 F. JTAG 
								
								
									Answer: DE
								
								
								Question #3 (Topic: Exam A)
								
							
							
																During a gap assessment, an organization notes that BYOD usage is a significant risk. The organization implemented administrative policies prohibiting BYOD usage. However, the organization has not implemented technical controls to prevent the unauthorized use of BYOD assets when accessing the organization's resources. Which of the following solutions should the organization implement to best reduce the risk of BYOD devices? (Choose two.)
								
																										
							
						
 A. Cloud IAM, to enforce the use of token-based MFA 
 B. Conditional access, to enforce user-to-device binding 
 C. NAC, to enforce device configuration requirements 
 D. PAM, to enforce local password policies 
 E. SD-WAN, to enforce web content filtering through external proxies 
 F. DLP, to enforce data protection capabilities 
								
								
									Answer: BC
								
								
								Question #4 (Topic: Exam A)
								
							
							
																A security administrator is performing a gap assessment against a specific OS benchmark. The benchmark requires the following configurations be applied to endpoints:
• Full disk encryption
• Host-based firewall
• Time synchronization
• Password policies
• Application allow listing
• Zero Trust application access
Which of the following solutions best addresses the requirements? (Choose two.)
																										
							
						• Full disk encryption
• Host-based firewall
• Time synchronization
• Password policies
• Application allow listing
• Zero Trust application access
Which of the following solutions best addresses the requirements? (Choose two.)
 A. MDM 
 B. CASB 
 C. SBoM 
 D. SCAP 
 E. SASE 
 F. HIDS 
								
								
									Answer: AF
								
								
								Question #5 (Topic: Exam A)
								
							
							
																A global organization is reviewing potential vendors to outsource a critical payroll function. Each vendor's plan includes using local resources in multiple regions to ensure compliance with all regulations. The organization's Chief Information Security Officer is conducting a risk assessment on the potential outsourcing vendors' subprocessors. Which of the following best explains the need for this risk assessment?
								
																	
							
						
 A. Risk mitigations must be more comprehensive than the existing payroll provider. 
 B. Due care must be exercised during all procurement activities. 
 C. The responsibility of protecting PII remains with the organization. 
 D. Specific regulatory requirements must be met in each jurisdiction. 
								
								
									Answer: C
								
								 
							 
									