CAS-005 CompTIA Exam Lab Questions

The best answer is D. Host-based encryption . The strongest clue is that the company has proprietary information on its hard drives and consultants must travel with company-managed devices because BYOD is prohibited. That makes protection of data at rest on the endpoint the primary concern. Host-based encryption protects the contents of the drive if a laptop is lost, stolen, or physically accessed during travel. CompTIA’s SecurityX certification emphasizes building secure solutions across complex environments and supporting resilient enterprise protection, which includes securing endpoints and sensitive data stored on them.

Why the other options are not best:

A. Virtual hardware does not directly protect the data on the hard drive if the device is lost or stolen. B. Measured boot helps validate platform integrity at startup, but it does not primarily protect confidential data at rest. C. Secure enclave can protect certain secrets and key material, but it is narrower than full host-based encryption for an entire laptop drive. Because the requirement is specifically about proprietary data on traveling endpoints, full device or host-based encryption is the most beneficial control.

The best answer is B. An attacker viewed password hashes on the device . The decisive event is sudo cat /etc/shadow SUCCESS . On Linux systems, /etc/shadow stores password hashes and related account password data. The log therefore indicates successful privileged access to that file and successful viewing of its contents. CompTIA’s SecurityX Security Operations domain includes analysis of indicators of malicious activity and investigation of suspicious system behavior; this command sequence is consistent with credential-access activity.

Why the other options are not best:

A is incorrect because there is no evidence of file injection. C is not supported because the logs show file access, not confirmed data transfer or exfiltration. D is tempting because of cd ../../ , but that is only navigation. The key security-relevant action is the successful reading of /etc/shadow , which means password hashes were viewed.

Post-Quantum Cryptography (PQC) preparation is critical to protect data against future quantum computing attacks that could break current cryptographic algorithms (e.g., RSA, ECC). According to the CompTIA SecurityX CAS-005 study guide (Domain 3: Cybersecurity Technology, 3.3), quantum computers with sufficient computational power could perform calculations (e.g., Shor’s algorithm) to decrypt data protected by traditional algorithms. PQC focuses on developing algorithms resistant to such increases in computational resources, ensuring long-term data security.

Option B:Key stretching is a technique to strengthen passwords, not related to PQC.

Option C:PQC algorithms often have higher computational costs, not improved performance.

Option D:Asymmetric encryption is not ideal for large data sets, and PQC is not specifically about this use case.

Option A:This accurately describes PQC’s purpose to safeguard data against quantum-driven decryption.

Step by Step Explanation:

Understanding the Scenario: The question describes a proactive security measure where an organization maintains a registry of software dependencies and their corresponding hashes. This registry is used to verify the integrity of software packages.

Analyzing the Answer Choices:

A. Supply chain attack: This type of attack involves compromising the software supply chain by injecting malicious code into legitimate software packages.