CompTIA SecurityX Questions and Answers

100 questions organized by topic with detailed explanations

CompTIA
CAS-005
100 questions
4 topics
Updated May 2026

Governance, Risk, and Compliance

20 questions8 easy7 medium5 hard~20% of exam
View All
A security program manager receives audit findings indicating that security controls are not consistently applied across...An organization's security team has completed a quantitative risk assessment. The ALE for a specific threat scenario is ...What does a RACI matrix define in a security program?

Security Architecture

27 questions7 easy12 medium8 hard~27% of exam
View All
Which zero trust concept defines the relationship between the entity requesting access and the resource being accessed?Which CASB deployment mode operates by intercepting cloud traffic inline between users and cloud services?A financial services organization is adopting a hybrid cloud model. The security architect must ensure that data classif...

Security Engineering

31 questions8 easy14 medium9 hard~31% of exam
View All
A security engineer needs to automate the collection of vulnerability scan results and create remediation tickets in the...A security engineer is reviewing a vulnerability scan report and needs to prioritize remediation. Which SCAP component p...An organization is evaluating cryptographic algorithms for protecting sensitive data transmitted between IoT sensors and...

Security Operations

22 questions5 easy11 medium6 hard~22% of exam
View All
A SOC analyst is reviewing SIEM alerts and observes that a user account authenticated successfully from two geographical...Which format is used to share structured threat intelligence indicators, including IoCs, TTPs, and threat actor profiles...A threat hunting team discovers beaconing behavior in network logs: an internal host makes outbound HTTPS connections to...

All Questions

#QuestionTopicDifficulty
1Which zero trust concept defines the relationship between the entity requesting access and the resou...Security Architecture
easy
2A SOC analyst is reviewing SIEM alerts and observes that a user account authenticated successfully f...Security Operations
hard
3A security program manager receives audit findings indicating that security controls are not consist...Governance, Risk, and Compliance
hard
4Which format is used to share structured threat intelligence indicators, including IoCs, TTPs, and t...Security Operations
easy
5Which CASB deployment mode operates by intercepting cloud traffic inline between users and cloud ser...Security Architecture
easy

Sign in to see all 100 questions

Create a free account to browse all questions — completely free during our launch phase.

Sign Up FreeSign In

Ready to test your knowledge?

Take a full CompTIA SecurityX practice test with timed exam simulation.

Start Practice Test