Free CAS-005 Exam Questions - CompTIA CAS-005 Exam

SIMULATION

You are tasked with integrating a new B2B client application with an existing OAuth workflow that must meet the following requirements:

. The application does not need to know the users' credentials.

. An approval interaction between the users and the HTTP service must be orchestrated.

. The application must have limited access to users' data.

INSTRUCTIONS

Use the drop-down menus to select the action items for the appropriate locations. All placeholders must be filled.

SIMULATION

During the course of normal SOC operations, three anomalous events occurred and were flagged as potential IoCs. Evidence for each of these potential IoCs is provided.

INSTRUCTIONS

Review each of the events and select the appropriate analysis and remediation options for each IoC.

SIMULATION

An organization is planning for disaster recovery and continuity of operations, and has noted the following relevant findings:

1. A natural disaster may disrupt operations at Site A, which would then cause an evacuation. Users are

unable to log into the domain from-their workstations after relocating to Site B.

2. A natural disaster may disrupt operations at Site A, which would then cause the pump room at Site B

to become inoperable.

3. A natural disaster may disrupt operations at Site A, which would then cause unreliable internet

connectivity at Site B due to route flapping.

INSTRUCTIONS

Match each relevant finding to the affected host by clicking on the host name and selecting the appropriate number.

For findings 1 and 2, select the items that should be replicated to Site B. For finding 3, select the item requiring configuration changes, then select the appropriate corrective action from the drop-down menu.

SIMULATION

An IPSec solution is being deployed. The configuration files for both the VPN

concentrator and the AAA server are shown in the diagram.

Complete the configuration files to meet the following requirements:

* The EAP method must use mutual certificate-based authentication (With

issued client certificates).

* The IKEv2 Cipher suite must be configured to the MOST secure

authenticated mode of operation,

* The secret must contain at least one uppercase character, one lowercase

character, one numeric character, and one special character, and it must

meet a minimum length requirement of eight characters,

INSTRUCTIONS

Click on the AAA server and VPN concentrator to complete the configuration.

Fill in the appropriate fields and make selections from the drop-down menus.

VPN Concentrator:

AAA Server:

SIMULATION

A security engineer needs to review the configurations of several devices on the network to meet the following requirements:

* The PostgreSQL server must only allow connectivity in the 10.1.2.0/24

subnet.

* The SSH daemon on the database server must be configured to listen

to port 4022.

* The SSH daemon must only accept connections from a Single

workstation.

* All host-based firewalls must be disabled on all workstations.

* All devices must have the latest updates from within the past eight

days.

* All HDDs must be configured to secure data at rest.

* Cleartext services are not allowed.

* All devices must be hardened when possible.

Instructions:

Click on the various workstations and network devices to review the posture assessment results. Remediate any possible issues or indicate that no issue is found.

Click on Server A to review output data. Select commands in the appropriate tab to remediate connectivity problems to the pOSTGREsql DATABASE VIA ssh

WAP A

PC A

Laptop A

Switch A

Switch B:

Laptop B

PC B

PC C

Server A