CAS-005 Exam Dumps : CompTIA SecurityX Certification Exam

The best answer is A. Linting . The listed problems are classic source-code quality and static-analysis findings : out-of-bounds array indexing, null dereferences, unsafe type use, unreachable code, and non-portable constructs. A linter is designed to inspect code before execution and flag these classes of issues early in the development workflow. In the official CompTIA SecurityX CAS-005 objectives, Security Engineering includes “Automation: scripting… workflow automation” and broader secure engineering practices. Using a linter fits that model because it is an automated developer-side control that improves code quality before peer review and release.

Why the other options are not correct:

B. SBoM documents software components and dependencies; it does not primarily detect unreachable code or null dereferences in custom source code. C. DAST tests a running application from the outside and is not the best tool for finding these code-level static issues before peer review. D. Branch protection is a repository control for workflow governance, not a code-analysis mechanism. E. Software composition analysis focuses mainly on third-party libraries, dependency risk, licensing, and known vulnerabilities in components, not on first-party code defects like array bounds and unreachable code.

The SIEM report shows that some devices, such as VM003 (Critical server) and NET003 (IPS), are DOWN and therefore not reporting logs. In security monitoring, the absence of log data from critical systems creates dangerous blind spots. If logs are missing, attacks can proceed undetected, or investigations may lack the data needed for incident response.

The most effective action is to perform a non-reporting device assessment (C). This means identifying and correcting issues where devices fail to send logs, whether due to outages, misconfigurations, or integration gaps. Ensuring all critical devices, especially servers and intrusion prevention systems, consistently send logs to the SIEM strengthens overall visibility and monitoring posture.

Option A (time calibration) is important for correlation accuracy but does not address missing log feeds. Option B (centralized use case library) enhances detection but only works if the SIEM is receiving complete data. Option D (resiliency plan) helps protect log retention but is irrelevant if logs are never received in the first place.

Therefore, fixing non-reporting log sources is the highest priority to improve monitoring effectiveness.