Exam CAS-005 topic 1 question 60 discussion

Actual exam question from CompTIA's CAS-005
Question #: 60
Topic #: 1

A company is developing an application that will be used to perform e-commerce transactions for a subscription-based service. The application must be able to use previously saved payment methods to perform recurring transactions. Which of the following is the most appropriate?

  • A. Tokenization through an HSM
  • B. Self-encrypting disks with field-level encryption
  • C. NX/XN Implementation to minimize data retention
  • D. Token-based access for application users
  • E. Address space layout randomization
Suggested Answer: A

Comments

vicbersong
1 month, 3 weeks ago
Selected Answer: A
Tokenization through a Hardware Security Module (HSM) is the most appropriate solution for securely storing and using previously saved payment methods. It allows sensitive payment data (like credit card numbers) to be replaced with non-sensitive tokens that can be used in place of the actual data to perform recurring transactions. An HSM provides secure, tamper-resistant cryptographic operations, ensuring that the real cardholder data never needs to be stored in the application, reducing PCI DSS compliance scope.

Why not the others?

  • B. Self-encrypting disks with field-level encryption: Good for protecting data at rest but doesn't solve the problem of using payment data securely for recurring transactions.
  • C. NX/XN Implementation: Related to preventing execution of code in non-executable memory regions — irrelevant to payment data storage/usage.
  • D. Token-based access for application users: Refers to user authentication/authorization, not payment method storage.
  • E. Address Space Layout Randomization (ASLR): A memory protection mechanism — not applicable to secure payment data handling.
upvoted 2 times
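
The flow described in the comment above, as an added example that is not part of the original discussion: the subscription application saves only a token, and the card number is resolved inside the tokenization boundary when a recurring charge runs. `TokenVault`, `SubscriptionApp` and their methods are hypothetical names, the in-memory dictionary stands in for storage protected by HSM-held keys, and the card number is a constructed test value.

```python
import secrets

TEST_PAN = "4111111111111111"  # constructed test card number, not real cardholder data

def luhn_ok(pan: str) -> bool:
    """Check the Luhn checksum so malformed numbers are never tokenized."""
    if not pan.isdigit():
        return False
    digits = [int(c) for c in pan][::-1]
    total = sum(digits[0::2]) + sum(sum(divmod(2 * d, 10)) for d in digits[1::2])
    return total % 10 == 0

class TokenVault:
    """Stand-in for the HSM-backed tokenization service (hypothetical API)."""
    def __init__(self):
        # Assumption: in production this mapping is protected by keys held in the HSM.
        self._pan_by_token = {}

    def tokenize(self, pan: str) -> str:
        if not luhn_ok(pan):
            raise ValueError("not a valid card number")
        # Random token: it cannot be reversed to the PAN without the vault.
        token = f"tok_{secrets.token_hex(12)}_{pan[-4:]}"
        self._pan_by_token[token] = pan
        return token

    def charge(self, token: str, amount_cents: int) -> dict:
        pan = self._pan_by_token.get(token)
        if pan is None:
            raise KeyError("unknown token")
        # The real PAN exists only here, where it would go to the payment processor.
        return {"status": "approved", "last4": pan[-4:], "amount_cents": amount_cents}

class SubscriptionApp:
    """The e-commerce application: it stores tokens, never card numbers."""
    def __init__(self, vault: TokenVault):
        self.vault = vault
        self.saved_methods = {}  # customer_id -> token

    def save_card(self, customer_id: str, pan: str) -> None:
        self.saved_methods[customer_id] = self.vault.tokenize(pan)

    def bill_recurring(self, customer_id: str, amount_cents: int) -> dict:
        return self.vault.charge(self.saved_methods[customer_id], amount_cents)

if __name__ == "__main__":
    app = SubscriptionApp(TokenVault())
    app.save_card("cust-1", TEST_PAN)
    print(app.saved_methods)                 # token only, no card number
    print(app.bill_recurring("cust-1", 999))  # monthly renewal using the saved token
```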