CAS-005 Exam Dumps : CompTIA SecurityX Certification Exam

Dynamic Application Security Testing (DAST) is crucial for identifying and addressing security vulnerabilities during the software development life cycle (SDLC). Ensuring that DAST scans are routinely scheduled helps in maintaining a secure development process.

Why Routine DAST Scans?

Continuous Security Assessment: Regular DAST scans help in identifying vulnerabilities in real-time, ensuring they are addressed promptly.

Compliance: Routine scans ensure that the development process complies with security standards and regulations.

Proactive Threat Mitigation: Regular scans help in early detection and mitigation of potential security threats, reducing the risk of breaches.

Integration into SDLC: Ensures security is embedded within the development process, promoting a security-first approach.

Other options, while relevant, do not directly address the continuous assessment and proactive identification of threats:

A. If developers are unable to promote to production: This is more of an operational issue than a security assessment.

B. If DAST code is being stored to a single code repository: This concerns code management rather than security testing frequency.

D. If role-based training is deployed: While important, training alone does not ensure continuous security assessment.

This scenario describes an attack where the attacker mimics the CEO’s voice to deceive the CFO, likely using AI-generated audio. According to the CompTIA SecurityX CAS-005 study guide (Domain 1: Security Strategy and Risk Management, 1.2), a deepfake attack involves using artificial intelligence to create realistic but fake audio, video, or other media to impersonate someone. In this case, the voice similarity suggests a deepfake audio attack, which is a targeted social engineering tactic.

Option A:Smishing involves SMS-based phishing, not voicecalls.

Option C:Automated exploit generation refers to creating software exploits, not impersonation.

Option D:Spear phishing targets specific individuals but typically via email, not voice-based impersonation.

Option B:Deepfake is the most accurate, as it describes AI-driven impersonation of the CEO’s voice.

The best answer is C. Correlating based on source field in batches of time . To identify trends in SIEM data, the analyst should group related events over a time window and correlate them around a common field. In this excerpt, user1 appears repeatedly across multiple alert types, including unusual authentication, access to sensitive resources, and elevated risk score. That pattern is exactly the sort of repeated behavior that becomes visible when events are correlated by source over time. CompTIA’s official SecurityX objectives in the Security Operations domain include “Data analysis: indicators of malicious activity, trend analysis, statistics, and deduplication/correlation.” That objective language directly supports this answer.

Why the other options are not best:

A narrows only one rule window and does not systematically identify trends across multiple event types. B may reduce volume, but reduction alone does not reveal trends. D is risky because noisy rules might still provide useful context, and disabling them based only on total daily alerts can hide meaningful multi-event patterns. The practical, operational ap proach is to correlate records by a shared field such as source/user across time batches so repeated suspicious behavior stands out.