ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CAS-005 All Questions

View all questions & answers for the CAS-005 exam
Go to Exam

Exam CAS-005 topic 1 question 43 discussion

Actual exam question from CompTIA's CAS-005
Question #: 43
Topic #: 1
[All CAS-005 Questions]

A security analyst identified a vulnerable and deprecated runtime engine that Is supporting a public-facing banking application. The developers anticipate the transition to modern development environments will take at least a month. Which of the following controls would best mitigate the risk without interrupting the service during the transition?

  • A. Shutting down the systems until the code is ready
  • B. Uninstalling the impacted runtime engine
  • C. Selectively blocking traffic on the affected port
  • D. Configuring IPS and WAF with signatures
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by vicbersong at April 29, 2025, 5:54 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
vicbersong
1 week, 1 day ago
Selected Answer: D
❌ Why the other options are not ideal: A. Shutting down the systems until the code is ready Not viable since the application is public-facing and in active use. B. Uninstalling the impacted runtime engine Would break the application and cause downtime, defeating the goal of maintaining service continuity. C. Selectively blocking traffic on the affected port May inadvertently block legitimate users or critical functionality, and doesn’t provide nuanced protection.
upvoted 1 times
...
vicbersong
1 week, 1 day ago
Selected Answer: D
✅ D. Configuring IPS and WAF with signatures 🔍 Why this is the best option: The application must remain online during the transition to modern environments. The deprecated runtime engine presents a security risk, likely with known vulnerabilities. Deploying Intrusion Prevention Systems (IPS) and a Web Application Firewall (WAF) with custom or vendor-provided signatures can detect and block known attack patterns, SQL injection, RCE attempts, or other web-based exploits targeting the vulnerable engine — without taking the service offline.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago