CAS-005
Security Engineering
medium
Question 7 of 31

A security engineer is automating vulnerability remediation across 2,000 cloud instances. The engineer wants to apply patches using a declarative infrastructure-as-code approach that defines the desired end state. Which tool is MOST appropriate?

AA custom Python script using the cloud provider's SDK
BAnsible playbooks that define the desired configuration state
CA manual SSH-based patching script scheduled via cron
DNessus scheduled scans with auto-remediation enabled

More Security Engineering Questions

31 questions

Full CompTIA SecurityX Practice Test

All topics covered

All CompTIA SecurityX Questions

Browse by topic

Related Questions

Which SCAP component provides a standardized naming scheme for software flaws and security vulnerabi...

easy

Which cryptographic technique allows computation on encrypted data without first decrypting it?...

easy

Which cryptographic property ensures that past session keys cannot be compromised even if the long-t...

easy

Which SOAR capability allows a security operations team to define automated responses to specific al...

easy

A security engineer is reviewing a vulnerability scan report and needs to prioritize remediation. Wh...

medium
View all Security Engineering questions

Educational Content — CertQnA practice questions are written against official exam objectives, covering the same domains tested on the real exam. All content is original and independent — not actual exam questions, not affiliated with any certification vendor. Learn more about our content policy

Discussion

Be the first to share your understanding of this concept

⚠️ Discussion is for concept clarification only. Do not share or request actual exam questions or answers.

Sign in to join the discussion

Sign InCreate free account