CompTIA SecurityX (CAS-005) Test Questions and Answers Latest 2025
GRC
Governance, Risk, and Compliance - integrates IT security governance, risk
management, and regulatory compliance into business operations
Security Architecture
The design of systems, technologies, and processes that align with business
goals and mitigate risks
Security Engineering
The discipline of building and maintaining secure IT systems
Security Operations
The ongoing monitoring, detection, and response to security incidents
Policy
High-level statements from senior leadership outlining security goals and
compliance
Procedure
Detailed instructions that explain how to implement security policies
Standard
Mandatory rules and technical specifications that must be followed
Guideline
Best practice recommendations that help improve security posture
RACI Matrix
A framework defining who is Responsible, Accountable, Consulted, and
Informed
Awareness Training
Educational programs to teach employees about cybersecurity risks and best
practices
Phishing
A type of social engineering where users are tricked into providing
sensitive information
Social Engineering
Manipulation of people into divulging confidential information
CIA Triad
Confidentiality, Integrity, and Availability - core principles of
information security
Confidentiality
Ensuring data is accessible only to authorized individuals
Integrity
Maintaining the accuracy and trustworthiness of data