SecurityX CAS-005 Exam Objectives

The CompTIA SecurityX CAS-005 Certification Exam assesses candidates' knowledge and skills in implementing secure solutions across various environments, utilizing automation and incident response, and applying governance and compliance strategies. The exam consists of a maximum of 90 questions, covering domains such as Governance, Risk, and Compliance; Security Architecture; Security Engineering; and Security Operations. It is ANSI accredited and requires a minimum of 10 years of IT experience, including 5 years in IT security, for candidates to be eligible to take the exam.

CompTIA SecurityX Certification Exam Objectives
EXAM NUMBER: CAS-005

CompTIA SecurityX CAS-005 Certification Exam: Exam Objectives Version 1.0


Copyright © 2023 CompTIA, Inc. All rights reserved.
About the Exam
The CompTIA SecurityX (formerly CASP+) certification exam will certify the successful candidate has the knowledge
and skills required to:

• Architect, engineer, integrate, and implement secure solutions across complex environments to support a resilient enterprise.
• Use automation, monitoring, detection, and incident response to proactively support ongoing security operations in an enterprise environment.
• Apply security practices to cloud, on-premises, and hybrid environments.
• Consider cryptographic technologies and techniques, as well as the impact of emerging trends (e.g., artificial intelligence) on information security.
• Use the appropriate governance, compliance, risk management, and threat-modeling strategies throughout the enterprise.

EXAM ACCREDITATION
The CompTIA SecurityX exam is accredited by ANSI to show compliance with the ISO 17024 standard and, as
such, undergoes regular reviews and updates to the exam objectives.

EXAM DEVELOPMENT
CompTIA exams result from subject matter expert workshops and industry-wide survey results regarding the
skills and knowledge required of an IT professional.

COMPTIA AUTHORIZED MATERIALS USE POLICY


CompTIA Certifications, LLC is not affiliated with and does not authorize, endorse, or condone utilizing any content
provided by unauthorized third-party training sites (aka “brain dumps”). Individuals who utilize such materials in
preparation for any CompTIA examination will have their certifications revoked and be suspended from future
testing in accordance with the CompTIA Candidate Agreement. In an effort to more clearly communicate CompTIA’s
exam policies on use of unauthorized study materials, CompTIA directs all certification candidates to the CompTIA
Certification Exam Policies. Please review all CompTIA policies before beginning the study process for any CompTIA
exam. Candidates will be required to abide by the CompTIA Candidate Agreement. If a candidate has a question
as to whether study materials are considered unauthorized (aka “brain dumps”), they should contact CompTIA at
[email protected] to confirm.

PLEASE NOTE
The lists of examples provided in bulleted format are not exhaustive lists. Other examples of technologies,
processes, or tasks pertaining to each objective may also be included on the exam, although not listed or
covered in this objectives document. CompTIA is constantly reviewing the content of our exams and updating
test questions to be sure our exams are current, and the security of the questions is protected. When necessary,
we will publish updated exams based on existing exam objectives. Please know that all related exam preparation
materials will still be valid.

TEST DETAILS
Required exam: CAS-005
Number of questions: Maximum of 90
Types of questions: Multiple-choice, performance-based
Length of test: 165 minutes
Recommended experience: Minimum of 10 years of general, hands-on IT experience that includes at least 5 years of broad, hands-on IT security experience.
Passing Score: Pass/fail only; no scaled score

EXAM OBJECTIVES (DOMAINS)


The table below lists the domains measured by this examination and the extent to which they are represented.

DOMAIN                                   PERCENTAGE OF EXAMINATION
1.0 Governance, Risk, and Compliance     20%
2.0 Security Architecture                27%
3.0 Security Engineering                 31%
4.0 Security Operations                  22%
Total                                    100%

1.0 Governance, Risk, and Compliance
1.1 Given a set of organizational security requirements, implement the appropriate governance
components.

• Security program documentation
  − Policies
  − Procedures
  − Standards
  − Guidelines
• Security program management
  − Awareness and training
    ◦ Phishing
    ◦ Security
    ◦ Social engineering
    ◦ Privacy
    ◦ Operational security
    ◦ Situational awareness
  − Communication
  − Reporting
  − Management commitment
  − Responsible, accountable, consulted, and informed (RACI) matrix
• Governance frameworks
  − Control Objectives for Information and Related Technologies (COBIT)
  − Information Technology Infrastructure Library (ITIL)
• Change/configuration management
  − Asset management life cycle
  − Configuration management database (CMDB)
  − Inventory
• Governance risk and compliance (GRC) tools
  − Mapping
  − Automation
  − Compliance tracking
  − Documentation
  − Continuous monitoring
• Data governance in staging environments
  − Production
  − Development
  − Testing
  − Quality assurance (QA)
  − Data life cycle management

1.2 Given a set of organizational security requirements, perform risk management activities.

• Impact analysis
  − Extreme but plausible scenarios
• Risk assessment and management
  − Quantitative vs. qualitative analysis
  − Risk assessment frameworks
  − Appetite/tolerance
  − Risk prioritization
  − Severity impact
  − Remediation
  − Validation
• Third-party risk management
  − Supply chain risk
  − Vendor risk
  − Subprocessor risk
• Availability risk considerations
  − Business continuity/disaster recovery
    ◦ Testing
  − Backups
    ◦ Connected
    ◦ Disconnected
• Confidentiality risk considerations
  − Data leak response
  − Sensitive/privileged data breach
  − Incident response testing
  − Reporting
  − Encryption
• Integrity risk considerations
  − Remote journaling
  − Hashing
  − Interference
  − Antitampering
• Privacy risk considerations
  − Data subject rights
  − Data sovereignty
  − Biometrics
• Crisis management
• Breach response

1.3 Explain how compliance affects information security strategies.

• Awareness of industry-specific compliance
  − Healthcare
  − Financial
  − Government
  − Utilities
• Industry standards
  − Payment Card Industry Data Security Standard (PCI DSS)
  − International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 27000 series
  − Digital Markets Act (DMA)
• Security and reporting frameworks
  − Benchmarks
  − Foundational best practices
  − System and Organization Controls 2 (SOC 2)
  − National Institute of Standards and Technology Cybersecurity Framework (NIST CSF)
  − Center for Internet Security (CIS)
  − Cloud Security Alliance (CSA)
• Audits vs. assessments vs. certifications
  − External
  − Internal
• Privacy regulations
  − General Data Protection Regulation (GDPR)
  − California Consumer Privacy Act (CCPA)
  − General Data Protection Law (LGPD)
  − Children’s Online Privacy Act (COPPA)
• Awareness of cross-jurisdictional compliance requirements
  − e-discovery
  − Legal holds
  − Due diligence
  − Due care
  − Export controls
  − Contractual obligations

1.4 Given a scenario, perform threat-modeling activities.

• Actor characteristics
  − Motivation
    ◦ Financial
    ◦ Geopolitical
    ◦ Activism
    ◦ Notoriety
    ◦ Espionage
  − Resources
    ◦ Time
    ◦ Money
  − Capabilities
    ◦ Supply chain access
    ◦ Vulnerability creation
    ◦ Knowledge
    ◦ Exploit creation
• Attack patterns
• Frameworks
  − MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK)
  − Common Attack Pattern Enumeration and Classification (CAPEC)
  − Cyber Kill Chain
  − Diamond Model of Intrusion Analysis
  − Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege (STRIDE)
  − Open Web Application Security Project (OWASP)
• Attack surface determination
  − Architecture reviews
  − Data flows
  − Trust boundaries
  − Code reviews
  − User factors
  − Organizational change
    ◦ Mergers
    ◦ Acquisitions
    ◦ Divestitures
    ◦ Staffing changes
  − Enumeration/discovery
    ◦ Internally and externally facing assets
    ◦ Third-party connections
    ◦ Unsanctioned assets/accounts
    ◦ Cloud services discovery
    ◦ Public digital presence
• Methods
  − Abuse cases
  − Antipatterns
  − Attack trees/graphs
• Modeling applicability of threats to the organization/environment
  − With an existing system in place
    ◦ Selection of appropriate controls
  − Without an existing system in place

1.5 Summarize the information security challenges associated with artificial intelligence (AI)
adoption.

• Legal and privacy implications
  − Potential misuse
  − Explainable vs. non-explainable models
  − Organizational policies on the use of AI
  − Ethical governance
• Threats to the model
  − Prompt injection
  − Insecure output handling
  − Training data poisoning
  − Model denial of service (DoS)
  − Supply chain vulnerabilities
  − Model theft
  − Model inversion
• AI-enabled attacks
  − Insecure plug-in design
  − Deep fake
    ◦ Digital media
    ◦ Interactivity
  − AI pipeline injections
  − Social engineering
  − Automated exploit generation
• Risks of AI usage
  − Overreliance
  − Sensitive information disclosure
    ◦ To the model
    ◦ From the model
  − Excessive agency of the AI
• AI-enabled assistants/digital workers
  − Access/permissions
  − Guardrails
  − Data loss prevention (DLP)
  − Disclosure of AI usage

2.0 Security Architecture
2.1 Given a scenario, analyze requirements to design resilient systems.

• Component placement and configuration
  − Firewall
  − Intrusion prevention system (IPS)
  − Intrusion detection system (IDS)
  − Vulnerability scanner
  − Virtual private network (VPN)
  − Network access control (NAC)
  − Web application firewall (WAF)
  − Proxy
  − Reverse proxy
  − Application programming interface (API) gateway
  − Taps
  − Collectors
  − Content delivery network (CDN)
• Availability and integrity design considerations
  − Load balancing
  − Recoverability
  − Interoperability
  − Geographical considerations
  − Vertical vs. horizontal scaling
  − Persistence vs. non-persistence

2.2 Given a scenario, implement security in the early stages of the systems life cycle and
throughout subsequent stages.

• Security requirements definition
  − Functional requirements
  − Non-functional requirements
  − Security vs. usability trade-off
• Software assurance
  − Static application security testing (SAST)
  − Dynamic application security testing (DAST)
  − Interactive application security testing (IAST)
  − Runtime application self-protection (RASP)
  − Vulnerability analysis
  − Software composition analysis (SCA)
  − Software bill of materials (SBoM)
  − Formal methods
• Continuous integration/continuous deployment (CI/CD)
  − Coding standards and linting
  − Branch protection
  − Continuous improvement
  − Testing activities
    ◦ Canary
    ◦ Regression
    ◦ Integration
    ◦ Automated test and retest
    ◦ Unit
• Supply chain risk management
  − Software
  − Hardware
• Hardware assurance
  − Certification and validation process
• End-of-life (EOL) considerations

2.3 Given a scenario, integrate appropriate controls in the design of a secure architecture.

• Attack surface management and reduction
  − Vulnerability management
  − Hardening
  − Defense-in-depth
  − Legacy components within an architecture
• Detection and threat-hunting enablers
  − Centralized logging
  − Continuous monitoring
  − Alerting
  − Sensor placement
• Information and data security design
  − Classification models
  − Data labeling
  − Tagging strategies
• DLP
  − At rest
  − In transit
  − Data discovery
• Hybrid infrastructures
• Third-party integrations
• Control effectiveness
  − Assessments
  − Scanning
  − Metrics

2.4 Given a scenario, apply security concepts to the design of access, authentication, and
authorization systems.

• Provisioning/deprovisioning
  − Credential issuance
  − Self-provisioning
• Federation
• Single sign-on (SSO)
• Conditional access
• Identity provider
• Service provider
• Attestations
• Policy decision and enforcement points
• Access control models
  − Role-based access control
  − Rule-based access control
  − Attribute-based access control (ABAC)
  − Mandatory access control (MAC)
  − Discretionary access control (DAC)
• Logging and auditing
• Public key infrastructure (PKI) architecture
  − Certificate extensions
  − Certificate types
  − Online Certificate Status Protocol (OCSP) stapling
  − Certificate authority/registration authority (CA/RA)
  − Templates
  − Deployment/integration approach
• Access control systems
  − Physical
  − Logical

2.5 Given a scenario, securely implement cloud capabilities in an enterprise environment.

• Cloud access security broker (CASB)
  − API-based
  − Proxy-based
• Shadow IT detection
• Shared responsibility model
• CI/CD pipeline
• Terraform
• Ansible
• Package monitoring
• Container security
• Container orchestration
• Serverless
  − Workloads
  − Functions
  − Resources
• API security
  − Authorization
  − Logging
  − Rate limiting
• Cloud vs. customer-managed
  − Encryption keys
  − Licenses
• Cloud data security considerations
  − Data exposure
  − Data leakage
  − Data remanence
  − Insecure storage resources
• Cloud control strategies
  − Proactive
  − Detective
  − Preventative
• Customer-to-cloud connectivity
• Cloud service integration
• Cloud service adoption

2.6 Given a scenario, integrate Zero Trust concepts into system architecture design.

• Continuous authorization
• Context-based reauthentication
• Network architecture
  − Segmentation
  − Microsegmentation
  − VPN
  − Always-on VPN
• API integration and validation
• Asset identification, management, and attestation
• Security boundaries
  − Data perimeters
  − Secure zone
  − System components
• Deperimeterization
  − Secure access service edge (SASE)
  − Software-defined wide area network (SD-WAN)
  − Software-defined networking
• Defining subject-object relationships

3.0 Security Engineering
3.1 Given a scenario, troubleshoot common issues with identity and access management (IAM)
components in an enterprise environment.

• Subject access control
  − User
  − Process
  − Device
  − Service
• Biometrics
• Secrets management
  − Tokens
  − Certificates
  − Passwords
  − Keys
  − Rotation
  − Deletion
• Conditional access
  − User-to-device binding
  − Geographic location
  − Time-based
  − Configuration
• Attestation
• Cloud IAM access and trust policies
• Logging and monitoring
• Privilege identity management
• Authentication and authorization
  − Security Assertions Markup Language (SAML)
  − OpenID
  − Multifactor authentication (MFA)
  − SSO
  − Kerberos
  − Simultaneous authentication of equals (SAE)
  − Privileged access management (PAM)
  − Open Authorization (OAuth)
  − Extensible Authentication Protocol (EAP)
  − Identity proofing
  − Institute for Electrical and Electronics Engineers (IEEE) 802.1X
  − Federation

3.2 Given a scenario, analyze requirements to enhance the security of endpoints and servers.

• Application control
• Endpoint detection response (EDR)
• Event logging and monitoring
• Endpoint privilege management
• Attack surface monitoring and reduction
• Host-based intrusion protection system/host-based detection system (HIPS/HIDS)
• Anti-malware
• SELinux
• Host-based firewall
• Browser isolation
• Configuration management
• Mobile device management (MDM) technologies
• Threat-actor tactics, techniques, and procedures (TTPs)
  − Injections
  − Privilege escalation
  − Credential dumping
  − Unauthorized execution
  − Lateral movement
  − Defensive evasion

3.3 Given a scenario, troubleshoot complex network infrastructure security issues.

• Network misconfigurations
  − Configuration drift
  − Routing errors
  − Switching errors
  − Insecure routing
  − VPN/tunnel errors
• IPS/IDS issues
  − Rule misconfigurations
  − Lack of rules
  − False positives/false negatives
  − Placement
• Observability
• Domain Name System (DNS) security
  − Domain Name System Security Extensions (DNSSEC)
  − DNS poisoning
  − Sinkholing
  − Zone transfers
• Email security
  − Domain Keys Identified Mail (DKIM)
  − Sender Policy Framework (SPF)
  − Domain-based Message Authentication Reporting & Conformance (DMARC)
  − Secure/Multipurpose Internet Mail Extension (S/MIME)
• Transport Layer Security (TLS) errors
• Cipher mismatch
• PKI issues
• Issues with cryptographic implementations
• DoS/distributed denial of service (DDoS)
• Resource exhaustion
• Network access control list (ACL) issues

3.4 Given a scenario, implement hardware security technologies and techniques.

• Roots of trust
  − Trusted Platform Module (TPM)
  − Hardware Security Module (HSM)
  − Virtual Trusted Platform Module (vTPM)
• Security coprocessors
  − Central processing unit (CPU) security extensions
  − Secure enclave
• Virtual hardware
• Host-based encryption
• Self-encrypting drive (SED)
• Secure Boot
• Measured boot
• Self-healing hardware
• Tamper detection and countermeasures
• Threat-actor TTPs
  − Firmware tampering
  − Shimming
  − Universal Serial Bus (USB)-based attacks
  − Basic input/output system/Unified Extensible Firmware Interface (BIOS/UEFI)
  − Memory
  − Electromagnetic interference (EMI)
  − Electromagnetic pulse (EMP)

3.5 Given a set of requirements, secure specialized and legacy systems against threats.

• Operational technology (OT)
  − Supervisory control and data acquisition (SCADA)
  − Industrial control system (ICS)
  − Heating ventilation and air conditioning (HVAC)/environmental
• Internet of Things (IoT)
• System-on-chip (SoC)
• Embedded systems
• Wireless technologies/radio frequency (RF)
• Security and privacy considerations
  − Segmentation
  − Monitoring
  − Aggregation
  − Hardening
  − Data analytics
  − Environmental
  − Regulatory
  − Safety
• Industry-specific challenges
  − Utilities
  − Transportation
  − Healthcare
  − Manufacturing
  − Financial
  − Government/defense
• Characteristics of specialized/legacy systems
  − Unable to secure
  − Obsolete
  − Unsupported
  − Highly constrained

3.6 Given a scenario, use automation to secure the enterprise.

• Scripting
  − PowerShell
  − Bash
  − Python
• Cron/scheduled tasks
• Event-based triggers
• Infrastructure as code (IaC)
• Configuration files
  − Yet Another Markup Language (YAML)
  − Extensible Markup Language (XML)
  − JavaScript Object Notation (JSON)
  − Tom’s Obvious, Minimal Language (TOML)
• Cloud APIs/software development kits (SDKs)
  − Web hooks
• Generative AI
  − Code assist
  − Documentation
• Containerization
• Automated patching
• Auto-containment
• Security orchestration, automation, and response (SOAR)
  − Runbooks
  − Playbooks
• Vulnerability scanning and reporting
• Security Content Automation Protocol (SCAP)
  − Open Vulnerability Assessment Language (OVAL)
  − Extensible Configuration Checklist Description Format (XCCDF)
  − Common Platform Enumeration (CPE)
  − Common vulnerabilities and exposures (CVE)
  − Common Vulnerability Scoring System (CVSS)
• Workflow automation

3.7 Explain the importance of advanced cryptographic concepts.

• Post-quantum cryptography (PQC)
  − Post-quantum vs. Diffie-Hellman and elliptic curve cryptography (ECC)
  − Resistance to quantum computing decryption attack
  − Emerging implementations
• Key stretching
• Key splitting
• Homomorphic encryption
• Forward secrecy
• Hardware acceleration
• Envelope encryption
• Performance vs. security
• Secure multiparty computation
• Authenticated encryption with associated data (AEAD)
• Mutual authentication

3.8 Given a scenario, apply the appropriate cryptographic use case and/or technique.

• Use cases
  − Data at rest
  − Data in transit
    ◦ Encrypted tunnels
  − Data in use/processing
  − Secure email
  − Immutable databases/blockchain
  − Non-repudiation
  − Privacy applications
  − Legal/regulatory considerations
  − Resource considerations
  − Data sanitization
  − Data anonymization
  − Certificate-based authentication
  − Passwordless authentication
  − Software provenance
  − Software/code integrity
  − Centralized vs. decentralized key management
• Techniques
  − Tokenization
  − Code signing
  − Cryptographic erase/obfuscation
  − Digital signatures
  − Obfuscation
  − Serialization
  − Hashing
  − One-time pad
  − Symmetric cryptography
  − Asymmetric cryptography
  − Lightweight cryptography

4.0 Security Operations
4.1 Given a scenario, analyze data to enable monitoring and response activities.

• Security information event management (SIEM)
  − Event parsing
  − Event duplication
  − Non-reporting devices
  − Retention
  − Event false positives/false negatives
• Aggregate data analysis
  − Correlation
  − Audit log reduction
  − Prioritization
  − Trends
• Behavior baselines and analytics
  − Network
  − Systems
  − Users
  − Applications/services
• Incorporating diverse data sources
  − Third-party reports and logs
  − Threat intelligence feeds
  − Vulnerability scans
  − CVE details
  − Bounty programs
  − DLP data
  − Endpoint logs
  − Infrastructure device logs
  − Application logs
  − Cloud security posture management (CSPM) data
• Alerting
  − False positives/false negatives
  − Alert failures
  − Prioritization factors
    ◦ Criticality
    ◦ Impact
    ◦ Asset type
    ◦ Residual risk
    ◦ Data classification
  − Malware
  − Vulnerabilities
• Reporting and metrics
  − Visualization
  − Dashboards

4.2 Given a scenario, analyze vulnerabilities and attacks, and recommend solutions to reduce
the attack surface.

• Vulnerabilities and attacks
  − Injection
  − Cross-site scripting (XSS)
  − Unsafe memory utilization
  − Race conditions
  − Cross-site request forgery
  − Server-side request forgery
  − Insecure configuration
  − Embedded secrets
  − Outdated/unpatched software and libraries
  − End-of-life software
  − Poisoning
  − Directory service misconfiguration
  − Overflows
  − Deprecated functions
  − Vulnerable third parties
  − Time of check, time of use (TOCTOU)
  − Deserialization
  − Weak ciphers
  − Confused deputy
  − Implants
• Mitigations
  − Input validation
  − Output encoding
  − Safe functions
    ◦ Atomic functions
    ◦ Memory-safe functions
    ◦ Thread-safe functions
  − Security design patterns
  − Updating/patching
    ◦ Operating system (OS)
    ◦ Software
    ◦ Hypervisor
    ◦ Firmware
    ◦ System images
  − Least privilege
  − Fail secure/fail safe
  − Secrets management
    ◦ Key rotation
  − Least function/functionality
  − Defense-in-depth
  − Dependency management
  − Code signing
  − Encryption
  − Indexing
  − Allow listing

4.3 Given a scenario, apply threat-hunting and threat intelligence concepts.

• Internal intelligence sources
  − Adversary emulation engagements
  − Internal reconnaissance
  − Hypothesis-based searches
  − Honeypots
  − Honeynets
  − User behavior analytics (UBA)
• External intelligence sources
  − Open-source intelligence (OSINT)
  − Dark web monitoring
  − Information sharing and analysis centers (ISACs)
  − Reliability factors
• Counterintelligence and operational security
• Threat intelligence platforms (TIPs)
  − Third-party vendors
• Indicator of compromise (IoC) sharing
  − Structured Threat Information eXchange (STIX)
  − Trusted automated exchange of indicator information (TAXII)
• Rule-based languages
  − Sigma
  − Yet Another Recursive Acronym (YARA)
  − Rita
  − Snort
• Indicators of attack
  − TTPs

4.4 Given a scenario, analyze data and artifacts in support of incident response activities.

• Malware analysis
  − Detonation
  − IoC extractions
  − Sandboxing
  − Code stylometry
    ◦ Variant matching
    ◦ Code similarity
    ◦ Malware attribution
• Reverse engineering
  − Disassembly and decompilation
  − Binary
  − Byte code
• Volatile/non-volatile storage analysis
• Network analysis
• Host analysis
• Metadata analysis
  − Email header
  − Images
  − Audio/video
  − Files/filesystem
• Hardware analysis
  − Joint test action group (JTAG)
• Data recovery and extraction
• Threat response
• Preparedness exercises
• Timeline reconstruction
• Root cause analysis
• Cloud workload protection platform (CWPP)
• Insider threat

CompTIA SecurityX Acronym List
The following is a list of acronyms that appear on the CompTIA SecurityX
CAS-005 exam. Candidates are encouraged to review the complete list and
attain a working knowledge of all listed acronyms as part of a comprehensive
exam preparation program.

ACRONYM DEFINITION
ABAC Attribute-based Access Control
ACL Access Control List
ACME Automated Certificate Management Environment
AEAD Authenticated Encryption with Associated Data
AI Artificial Intelligence
API Application Programming Interface
APT Advanced Persistent Threat
AQL Ariel Query Language
ATT&CK Adversarial Tactics, Techniques, and Common Knowledge
BEAST Browser Exploit against SSL/TLS
BIOS Basic Input/Output System
BYOD Bring Your Own Device
C2 Command and Control
CA Certificate Authority
CAPEC Common Attack Pattern Enumeration and Classification
CA/RA Certificate Authority/Registration Authority
CASB Cloud Access Security Broker
CBC Cipher Block Chaining
CCPA California Consumer Privacy Act
CDN Content Delivery Network
CI/CD Continuous Integration/Continuous Deployment
CIS Center for Internet Security
CMDB Configuration Database Management
CNAME Canonical Name
COBIT Control Objectives for Information and Related Technologies
COPPA Children’s Online Privacy Act
COSO Committee of Sponsoring Organizations of the Treadway Commission
CPE Common Platform Enumeration
CPU Central Processing Unit
CRL Certificate Revocation List
CRM Customer Relationship Manager
CSA Cloud Security Alliance
CSPM Cloud Security Posture Management
CSR Certificate Signing Request
CSRF Cross-site Request Forgery
CVE Common Vulnerabilities and Exposures
CVSS Common Vulnerability Scoring System
CWPP Cloud Workload Protection Platform
D3FEND Detection, Denial, and Disruption Framework Empowering Network Defense
DAC Discretionary Access Control
DAST Dynamic Application Security Testing

DDoS Distributed Denial of Service
DHCP Dynamic Host Configuration Protocol
DKIM Domain Keys Identified Mail
DLP Data Loss Prevention
DMA Digital Markets Act
DMARC Domain-based Message Authentication Reporting and Conformance
DNS Domain Name System
DNSSEC Domain Name System Security Extensions
DORA Digital Operational Resilience Act
DoS Denial of Service
EAP Extensible Authentication Protocol
ECC Elliptic Curve Cryptography
EDR Endpoint Detection Response
EMI Electromagnetic Interference
EMP Electromagnetic Pulse
EOL End-of-life
FAST Flexible Authentication via Secure Tunneling
FDE Full Disk Encryption
FIDO Fast Identity Online
GDPR General Data Protection Regulation
GPO Group Policy Objects
GRC Governance, Risk, and Compliance
HIPS/HIDS Host-based Intrusion Protection System/Host-based Detection System
HKLM Hkey_Local_Machine
HSM Hardware Security Module
HSTS HTTP Strict Transport Security
HTTP Hypertext Transfer Protocol
HTTPS Hypertext Transfer Protocol Secure
HVAC Heating Ventilation and Air Conditioning
IaC Infrastructure as Code
IAM Identity and Access Management
IAST Interactive Application Security Testing
ICS Industrial Control System
IDS Intrusion Detection System
IDE Integrated Development Environment
IEEE Institute for Electrical and Electronics Engineers
IIS Internet Information Services
IKE Internet Key Exchange
IoC Indicator of Compromise
IoT Internet of Things
IPS Intrusion Prevention System
ISAC Information Sharing and Analysis Centers
ISO/IEC International Organization for Standardization/ International Electrotechnical Commission
ISP Internet Service Provider
ITIL Information Technology Infrastructure Library
JSON JavaScript Object Notation
JTAG Joint Test Action Group
LAN Local Area Network
LDAP Lightweight Directory Access Protocol
LGPD General Data Protection Law
LLM Large Language Model
MAC Mandatory Access Control
MDM Mobile Device Management
MFA Multifactor Authentication

MIME Multipurpose Internet Mail Extensions
MX Mail Exchange
NAC Network Access Control
NFS Network File System
NIDS Network-based Intrusion Detection System
NIPS Network-based Intrusion Prevention System
NIST CSF National Institute of Standards and Technology Cybersecurity Framework
NTLM New Technology LAN Manager
OAuth Open Authorization
OCSP Online Certificate Status Protocol
OEM Original Equipment Manufacturer
OS Operating System
OSINT Open-source Intelligence
OT Operational Technology
OTP One-time Password
OVAL Open Vulnerability Assessment Language
OWASP Open Web Application Security Project
PaaS Platform as a Service
PAM Privileged Access Management
PCI DSS Payment Card Industry Data Security Standard
PEAP Protected Extensible Authentication Protocol
PII Personally Identifiable Information
PKI Public Key Infrastructure
PQC Post-quantum Cryptography
PTR Pointer Record
QA Quality Assurance
RACI Responsible, Accountable, Consulted, and Informed
RADIUS Remote Authentication Dial-in User Service
RASP Runtime Application Self-protection
RAT Remote Access Trojan
RCE Remote Code Execution
RDP Remote Desktop Protocol
REST Representational State Transfer
RF Radio Frequency
RPO Recovery Point Objective
RSA Rivest-Shamir-Adleman Encryption Algorithm
RTO Recovery Time Objective
SaaS Software as a Service
SAE Simultaneous Authentication of Equals
SAML Security Assertions Markup Language
SAN Storage Area Network
SASE Secure Access Service Edge
SAST Static Application Security Testing
SBoM Software Bill of Materials
SCA Software Composition Analysis
SCADA Supervisory Control and Data Acquisition
SCAP Security Content Automation Protocol
SCCM System Center Configuration Management
SCEP Simple Certificate Enrollment Protocol
SCHANNEL Secure Channel
SDK Software Development Kit
SDLC Software Development Life Cycle
SDN Software-defined Network
SDR Software-defined Radio
SD-WAN Software-defined Wide Area Network
SED Self-encrypting Drive
SIEM Security Information Event Management
SLA Service-level Agreement
S/MIME Secure/Multipurpose Internet Mail Extensions
SOA Service-oriented Architecture
SOAR Security Orchestration, Automation, and Response
SoC System-on-Chip
SOC Security Operations Center
SOC 2 System and Organization Controls 2
SPF Sender Policy Framework
SSD Solid-state Drive
SSH Secure Shell
SSL Secure Sockets Layer
SSO Single Sign-on
STIX Structured Threat Information eXchange
STRIDE Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service and Elevation of Privilege
TAXII Trusted Automated Exchange of Indicator Information
TIP Threat Intelligence Platforms
TLS Transport Layer Security
TOCTOU Time of Check, Time of Use
TOML Tom’s Obvious, Minimal Language
TPM Trusted Platform Module
TTPs Tactics, Techniques, and Procedures
UBA User Behavior Analytics
UDP User Datagram Protocol
UEBA User & Entity Behavior Analytics
UEFI Unified Extensible Firmware Interface
USB Universal Serial Bus
VDI Virtual Desktop Environment
VPN Virtual Private Network
vTPM Virtual Trusted Platform Module
VLAN Virtual Local Area Network
WAF Web Application Firewall
WIPS Wireless Intrusion Prevention System
WLAN Wireless Local Area Network
XCCDF Extensible Configuration Checklist Description Format
XDR Extended Detection and Response
XML Extensible Markup Language
XSS Cross-site Scripting
YAML Yet Another Markup Language
YARA Yet Another Recursive Acronym

CompTIA SecurityX Proposed Hardware and Software List
CompTIA has included this sample list of hardware and software
to assist candidates as they prepare for the SecurityX CAS-005
certification exam. This list may also be helpful for training companies
that wish to create a lab component for their training offering. The
bulleted lists below each topic are sample lists and are not exhaustive.

EQUIPMENT
• Computers with a TPM
• Basic server hardware (email server/Active Directory server, trusted OS)
• Tokens
• Mobile devices (Android and iOS)
• Switches (managed switch)
• Gateway/router (wired/wireless)
• Firewall
• Proxy server
• Load balancer
• Access points
• Biometric devices
• Arduino/Raspberry Pi
• Software-defined radio (SDR)

OTHER
• Sample logs
• Sample network traffic (packet capture)
• Sample organizational structure
• Sample network documentation
• Internet connection
• Cloud services
• Online productivity suite
• Diagramming software connectors

SOFTWARE
• Virtualized appliances (firewall, IPS, SIEM solution)
• Windows
• Linux distributions
• VMware Workstation Player
• Vulnerability assessment tools
• Secure Shell (SSH) and Telnet utilities
• Threat-modeling tool
• IPS/IDS
• HIPS
• Wireless intrusion prevention system (WIPS)
• Forensic tools
• Certificate authority
• Kali and all Kali toolsets
• GNS and associated firmware
• Log analysis tools
• API SDKs
• Python 3+
• Security Onion tools
• Metasploitable
• Large language model platform
• IDE
• Cryptographic library
• Code versioning, integration, and deployment platform

© 2023 CompTIA, Inc., used under license by CompTIA, Inc. All rights reserved. All certification programs and education related to such
programs are operated exclusively by CompTIA, Inc. CompTIA is a registered trademark of CompTIA, Inc. in the U.S. and internationally.
Other brands and company names mentioned herein may be trademarks or service marks of CompTIA, Inc. or of their respective owners.
Reproduction or dissemination prohibited without the written consent of CompTIA, Inc. Printed in the U.S. 10952-Dec2023
