
CompTIA SecurityX Practice Test (CAS-005)

Use the form below to configure your CompTIA SecurityX Practice Test (CAS-005). The practice test can be configured to only include certain exam objectives and domains. You can choose between 5-100 questions and set a time limit.


CompTIA SecurityX CAS-005 (V5) Information

What is the CompTIA SecurityX Certification?

CompTIA SecurityX is a high-level cybersecurity certification. It used to be called CASP+ but was renamed in 2024 when the CAS-005 exam was released. This certification proves that you can design and manage secure systems in big, complex businesses.

Who is SecurityX For?

SecurityX is meant for advanced IT professionals. You should have at least 10 years of general IT experience and 5 years working directly with cybersecurity. If you're a senior engineer, architect, or lead, this certification is a good fit for you.

What Topics Does It Cover?

The SecurityX exam tests your skills in four main areas:

  • Security Architecture: Building secure systems and networks
  • Security Operations: Handling incidents and keeping systems running safely
  • Governance, Risk, and Compliance: Following laws and managing risk
  • Security Engineering and Cryptography: Using encryption and secure tools

What Is the Exam Like?

  • Questions: Up to 90 questions
  • Types: Multiple-choice and performance-based (real-world problems)
  • Time: 165 minutes
  • Languages: English, Japanese, and Thai
  • Passing Score: Pass/Fail (no number score is shown)

You’ll find out if you passed right after finishing the test.

Why Take the SecurityX Exam?

SecurityX shows that you can handle high-level security work. Many jobs, especially in the government or large companies, ask for this type of certification. It’s also approved by the U.S. Department of Defense (DoD 8140.03M).

Is There a Prerequisite?

There’s no required course or other exam before SecurityX, but CompTIA strongly recommends that you have 10 years in IT and 5 years in security. Without this experience, the exam may be too hard.

Should I take the SecurityX exam?

If you're already working in cybersecurity and want to prove your skills, SecurityX is a great choice. It shows that you’re ready to lead, solve complex problems, and keep organizations secure.

Free CompTIA SecurityX CAS-005 (V5) Practice Test


  • Questions: 20
  • Time: Unlimited
  • Included Topics:
    Governance, Risk, and Compliance
    Security Architecture
    Security Engineering
    Security Operations

Question 1 of 20

A large financial institution relies on a critical legacy system to process high-volume payment data. The system is no longer supported by its vendor, and its architecture prevents direct modification of its authentication mechanisms. A security architect must implement a compensating control to strengthen security for administrative accounts without disrupting operations. Which of the following solutions is the MOST effective and least disruptive?

  • Mandate the integration of native multifactor authentication (MFA) for all administrative accounts on the system.

  • Deploy an agent-based Endpoint Detection and Response (EDR) solution on the legacy system.

  • Implement a Privileged Access Management (PAM) solution to act as a gateway for all administrative access.

  • Isolate the system on a new network segment protected by a stateful firewall.

Question 2 of 20

An organization relies on a widely used component that exhibits potential overflow issues. The developers have not detected an active exploit, but the security team wants to reduce the chance of problems while maintaining current operations. Which measure provides the most effective risk reduction?

  • Upgrade to the vendor’s latest release and validate patches in a controlled setting

  • Implement an allow listing approach that restricts usage by unapproved processes

  • Stop using that component in production

  • Depend on monitoring solutions that notice suspicious usage signatures

Question 3 of 20

A transit administrator oversees older equipment used to manage an automated track system. Reports indicate infiltration attempts from an external source. The team needs to keep the equipment running while stopping unauthorized activities. Which option is the best approach to meet this goal?

  • Establish distinct network segments for the older system and leverage specialized gateways

  • Schedule a lengthy shutdown to replace legacy components with modern devices

  • Apply security updates and shut all remote interfaces to prevent external traffic

  • Elevate administrative permissions so personnel can react whenever suspicious events occur

Question 4 of 20

After a red team exercise tested an enterprise from an external vantage point, which method best confirms that the security team tracked the simulated intrusion attempts throughout the environment?

  • Gathering feedback from the group that performed the simulation about systems they targeted

  • Checking user training records to confirm that employees reported suspicious communication

  • Asking workforce members to set new passwords after the evaluation ended

  • Examining detection logs to confirm that monitors recognized each critical step in the exercise

Question 5 of 20

Which approach describes the practice of regularly updating cryptographic secrets on a dedicated timetable to protect data from extended compromise?

  • Creating detailed tabletop exercises for incident response

  • Applying multi-factor authentication in access control

  • Implementing scheduled changes of cryptographic materials after a specified period

  • Monitoring system events for anomalous behavior

Question 6 of 20

An organization obtains suspicious logs from multiple external data providers and wishes to combine them with local sources for deeper analysis. Which method is BEST for maintaining a scalable, adaptable process for adding new providers swiftly?

  • Implement a scanning tool that queries each external data provider separately for suspicious indicators

  • Keep logs in separate repositories for each source and merge them manually when necessary

  • Adopt a unified platform that structures logs from external and internal sources under one flexible data model

  • Archive all event logs in a shared folder system to be searched on demand

Question 7 of 20

An organization uses a content delivery network to serve media files to a global audience. Which approach provides the highest level of confidentiality and integrity for transmitted data?

  • Using cryptographic checksums for media files stored at remote endpoints

  • Implementing location-based routing to direct traffic to the nearest data center

  • Transferring content between the user's device and the origin with consistent encryption

  • Deactivating encryption at edge servers for performance gains, then re-encrypting afterward

Question 8 of 20

An organization is located in an area that often faces extended service disruptions. Leadership wants to ensure vital functions remain operational with minimal delay if an incident occurs. Which approach best addresses their goal?

  • Maintaining a second location equipped for operations with replication of operational data in near real-time

  • Storing hardware in a remote location until needed to rebuild systems

  • Periodic backups stored in an offsite archive

  • Configuring a dormant environment with occasional functionality testing

Question 9 of 20

A cloud-hosted generative-AI platform allows users to install community plug-ins that extend core functionality. During a security review, engineers notice that several third-party plug-ins request administrator-level API scopes and perform no authorization checks before invoking privileged back-end services.

Which of the following controls would MOST effectively prevent a malicious or compromised plug-in from executing unintended high-privilege actions in the production environment?

  • Store plug-in service credentials in environment variables instead of source code

  • Enable verbose audit logging of all plug-in activity and review the logs weekly

  • Increase the default OAuth token lifetime so plug-ins do not need to re-authenticate frequently

  • Enforce role-based access control and least-privilege scopes for each plug-in, combined with sandbox isolation

Question 10 of 20

Your board of directors wants to adopt a widely recognized framework from a professional association to unify enterprise goals and technology oversight in order to measure and improve security controls across various business processes. Which approach achieves this goal effectively?

  • Implement a set of guidelines that defines responsibilities, measurable targets, and control requirements across multiple domains to strengthen governance

  • Follow an agile software development reference that highlights frequent feature releases and code integration events

  • Use a standard mandating financial data controls and vendor contract reviews for payment transactions

  • Adopt a privacy rule with a focus on handling personal information and administrative documentation

Question 11 of 20

An organization wants to provide unified sign-in across multiple partner groups that manage their own user directories. Which of the following methods best satisfies shared authentication across these distinct environments while avoiding separate credential stores?

  • Adopt a multi-device validation step before users connect to each environment

  • Use a trust-based integration among each partner’s identity provider

  • Require every remote user to register separate domain accounts within the host environment

  • Create a local directory that consolidates all partner credentials into a single internal system

Question 12 of 20

An organization is setting up a new database in a restricted environment. Which measure helps reduce the threat surface while enabling vital processes to run?

  • Deactivate unnecessary features and patch core services to reduce risks.

  • Enable remote administration through secure networks for controlled access.

  • Integrate legacy systems using appropriate modules without relying on unsupported software.

  • Configure permissions to allow application access when needed.

Question 13 of 20

Which technique provides the strongest assurance that stored log data remains untampered and can be validated for forensic or compliance purposes?

  • Generate a digital fingerprint for each log entry and maintain it in a separate location

  • Encrypt the logs with a key and save them locally on one repository

  • Make a copy of the logs on a shared folder that includes restricted user access

  • Mask specific fields in the logs to conceal details from unauthorized viewers

Question 14 of 20

A business has combined operations with another organization, bringing new staff, resources, and networks together. The security department wants to minimize infiltration risks while ensuring daily activities can proceed. Which action best addresses these factors?

  • Designate incoming systems to a single person who manages access without broader evaluations

  • Shut down operational services whenever a newly integrated system goes live

  • Have newly combined teams sign staff agreements and skip further vulnerability checks

  • Conduct a multi-step security gap assessment with data flow reviews to understand new infiltration channels

Question 15 of 20

An online retailer’s security team has observed specialized attacks on its network. The manager proposes joining a membership-based group that focuses on sharing critical data regarding adversary methods with organizations in the same sector. Which approach is most effective for gathering targeted alerts and tactical guidance to improve defenses?

  • Collaborate with a sector-specific membership group that provides intelligence reports

  • Engage an external monitoring provider for threat detection services

  • Rely on publicly available data portals for broad threat feeds

  • Implement an enterprise honeynet for collecting adversary tactics on the internal network

Question 16 of 20

During a routine audit, the engineering team found suspicious entries in name resolution logs, resulting in misdirection to harmful sites even when employees use correct addresses. Which step best addresses the underlying issue and helps keep record integrity intact going forward?

  • Deploy cryptographic verification for domain entries

  • Enable captive portal login for guest connections

  • Require password changes for all employees

  • Perform periodic restarts of domain controllers

Question 17 of 20

An organization completes a merger and brings in a new set of employees. Some individuals are unsure who reviews alerts or how to share suspicious events. Which condition raises the chance that vulnerabilities get overlooked and hinder modeling?

  • Centralization of management oversight and guidance

  • Omission of advanced analysis tools

  • Deployment of perimeter network protection equipment

  • Unclear staff responsibilities for incident handling

Question 18 of 20

A team discovers several weaknesses in an application that is widely used across multiple departments. They want to address these issues using a structured process and reduce the chance of repeated findings in future evaluations. Which measure is most appropriate for this situation?

  • Remove the application from production and wait for new hardware before reactivating

  • Develop a structured remediation process with scheduled patch cycles and track the results

  • Set up manual scans once each year to limit inaccurate readings

  • Use a single filtering device that stops all inbound activity on the entire network

Question 19 of 20

A security architect at a large financial services company discovers that the IT department cannot produce a complete inventory of its server assets. This lack of visibility has led to several security incidents where unpatched, unknown systems were compromised. The architect needs to recommend a foundational solution that will serve as a single source of truth for all IT components and their relationships to improve overall security posture.

Which of the following should the architect recommend implementing?

  • A Security Information and Event Management (SIEM) system

  • A federated vulnerability scanning solution

  • A Configuration Management Database (CMDB)

  • A Governance, Risk, and Compliance (GRC) tool

Question 20 of 20

Which method is best for confirming that newly introduced features do not introduce weaknesses after multiple iterations?

  • Review advanced components based on project scope and requirements.

  • Perform manual scans at regular intervals.

  • Conduct systematic checks within an automated pipeline for ongoing feedback.

  • Perform an audit when development milestones are achieved.