CompTIA CA1-005 - CompTIA SecurityX Exam
Page: 2 / 23
Total 115 questions
Question #6 (Topic: Exam A)
A manufacturing plant is updating its IT services. During discussions, the senior management team created the following list of considerations:
• Staff turnover is high and seasonal.
• Extreme conditions often damage endpoints.
• Losses from downtime must be minimized.
• Regulatory data retention requirements exist.
Which of the following best addresses the considerations?
• Staff turnover is high and seasonal.
• Extreme conditions often damage endpoints.
• Losses from downtime must be minimized.
• Regulatory data retention requirements exist.
Which of the following best addresses the considerations?
A. Establishing further environmental controls to limit equipment damage
B. Using a non-persistent virtual desktop interface with thin clients
C. Deploying redundant file servers and configuring database journaling
D. Maintaining an inventory of spare endpoints for rapid deployment
Answer: B
Question #7 (Topic: Exam A)
A company runs a DAST scan on a web application. The tool outputs the following recommendations:
• Use Cookie prefixes.
• Content Security Policy - SameSite=strict is not set.
Which of the following vulnerabilities has the tool identified?
• Use Cookie prefixes.
• Content Security Policy - SameSite=strict is not set.
Which of the following vulnerabilities has the tool identified?
A. RCE
B. XSS
C. CSRF
D. TOCTOU
Answer: C
Question #8 (Topic: Exam A)
A company hired an email service provider called my-email.com to deliver company emails. The company started having several issues during the migration. A security engineer is troubleshooting and observes the following configuration snippet:
Which of the following should the security engineer modify to fix the issue? (Choose two.)
Which of the following should the security engineer modify to fix the issue? (Choose two.)
A. The email CNAME record must be changed to a type A record pointing to 192.168.1.11
B. The TXT record must be changed to "v=dmarc ip4:192.168.1.10 include:my-email.com ~all"
C. The srv01 A record must be changed to a type CNAME record pointing to the email server
D. The email CNAME record must be changed to a type A record pointing to 192.168.1.10
E. The TXT record must be changed to "v=dkim ip4:192.168.1.11 include :my-email.com ~all"
F. The TXT record must be changed to "v=spf ip4:192.168.1.10 include :my-email.com ~all"
G. The srv01 A record must be changed to a type CNAME record pointing to the web01 server
Answer: DF
Question #9 (Topic: Exam A)
A security analyst is reviewing the following log:
Which of the following possible events should the security analyst investigate further?
Which of the following possible events should the security analyst investigate further?
A. A macro that was prevented from running
B. A text file containing passwords that were leaked
C. A malicious file that was run in this environment
D. A PDF that exposed sensitive information improperly
Answer: C
Question #10 (Topic: Exam A)
After a company discovered a zero-day vulnerability in its VPN solution, the company plans to deploy cloud-hosted resources to replace its current on-premises systems. An engineer must find an appropriate solution to facilitate trusted connectivity. Which of the following capabilities is the most relevant?
A. Container orchestration
B. Microsegmentation
C. Conditional access
D. Secure access service edge
Answer: D
