CompTIA CAS-005 Exam - Topic 4 Question 21 Discussion

Actual exam question for CompTIA's CAS-005 exam

Question #: 21
Topic #: 4

A company is migrating from a Windows Server to Linux-based servers. A security engineer must deploy a configuration management solution that maintains security software across all the Linux servers. Which of the following configuration file snippets is the most appropriate to use?

A--- - name: deployment hosts: linux_servers remote_user: root tasks: - name: Install security software ansible.builtin.apt:

B<hosts>linux_servers</hosts> <os_type>Linux 3.1</os_type> <SElinux>true</SElinux> <source>com.canonical.io</source>

C{'name':'deployment', 'hosts':'linux_servers', 'remote_user':'Administrator', 'tasks':{'name':'Install security software', 'com.microsoft.store.latest'} }

D{'task':'install', 'hosts':'linux_servers', 'remote_user':'root', 'se_linux':'false', 'application':'AppX'}

Show Suggested Answer

Suggested Answer: A, A

The correct snippet is Option A, which shows an Ansible YAML playbook designed to deploy and maintain security software on Linux servers. Ansible is a configuration management tool widely used in enterprise environments, and the ansible.builtin.apt module specifically manages package installation on Debian/Ubuntu-based Linux distributions. This ensures consistent security software deployment across multiple servers.

Option B is XML-based and does not represent a valid configuration management script. Option C incorrectly uses JSON format and Reference Microsoft's store (com.microsoft.store.latest), which is irrelevant for Linux. Option D also uses JSON syntax with ''AppX,'' which applies to Windows applications, not Linux.

CAS-005 emphasizes infrastructure as code (IaC) and automation as best practices for secure system configuration. YAML-based playbooks in Ansible provide repeatability, auditability, and scalability, making Option A the most secure and appropriate solution.

by Claribel at Nov 23, 2025, 06:15 PM

Limited Time Offer

25%

Off

Get Premium CAS-005 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Isaiah

1 day ago

Option B looks good too, but it’s not as flexible as A.

upvoted 0 times

...

Peggie

7 days ago

Agreed! A is clear and straightforward.

upvoted 0 times

...

Wilda

12 days ago

I think option A is the best choice. Ansible is great for Linux.

upvoted 0 times

...

Haydee

17 days ago

Not sure about D, SE Linux should be true for security, right?

upvoted 0 times

...

Fairy

22 days ago

Wait, why is C using "Administrator"? That's Windows!

upvoted 0 times

...

Samuel

27 days ago

B seems outdated with that OS version.

upvoted 0 times

...

Louisa

2 months ago

Definitely agree, A is the way to go!

upvoted 0 times

...

Jestine

2 months ago

Option A looks solid for Ansible.

upvoted 0 times

...

Chandra

2 months ago

Hmm, A) seems like the obvious choice. Unless you're a die-hard Windows admin, then C) might be more your style.

upvoted 0 times

...

Eun

2 months ago

A) is the way to go, though I'd probably add a few more tasks to harden those servers. Can't be too careful these days!

upvoted 0 times

...

Helene

2 months ago

A) is the clear winner, who needs all that fancy XML/JSON when Ansible has you covered?

upvoted 0 times

...

Nadine

2 months ago

A) for the win! Ansible makes this kind of deployment a breeze.

upvoted 0 times

...

Daron

3 months ago

I feel like option C is definitely wrong since it uses "Administrator," which is more Windows-centric. I think we need to focus on Linux-specific configurations.

upvoted 0 times

...

Allene

3 months ago

I’m leaning towards A as well, but I wonder if there are any specific security implications with using "ansible.builtin.apt." Did we cover that in our last session?

upvoted 0 times

...

Murray

3 months ago

I remember we discussed the importance of using the correct user permissions. Option B seems off since it mentions "Linux 3.1," which feels outdated.

upvoted 0 times

...

Lenny

3 months ago

I think option A looks familiar; it seems like the Ansible format we practiced. But I'm not entirely sure if "remote_user: root" is the best choice for security.

upvoted 0 times

...

Isabella

3 months ago

The Ansible YAML format in option A seems the most logical choice for this scenario. I'll make sure I have a good understanding of the Ansible syntax and modules before attempting to answer this question.

upvoted 0 times

...

Johanna

3 months ago

I'm not too familiar with the other configuration file formats, so I'll focus on understanding the Ansible YAML syntax. Identifying the correct tasks and variables will be key to solving this question.

upvoted 0 times

...

Lashawna

4 months ago

Option A looks like the most appropriate choice to me. The Ansible YAML format is clear and straightforward for installing security software on the Linux servers.

upvoted 0 times

...

Yun

4 months ago

A) looks like the correct Ansible playbook snippet to install security software on Linux servers.

upvoted 0 times

...

Audry

4 months ago

A) is the way to go, nice and straightforward Ansible syntax.

upvoted 0 times

...

Jani

5 months ago

Hmm, I'm a bit confused by the different syntax options presented here. I'll need to double-check my Ansible knowledge to make sure I understand the correct format for the configuration file.

upvoted 0 times

...

Dorothy

5 months ago

This looks like a straightforward Ansible configuration question. I'll review the options and think about the best approach to maintain security software across the Linux servers.

upvoted 0 times

Leoma

4 months ago

I think option A is the most suitable. It uses Ansible correctly.

upvoted 0 times

...

Colette

4 months ago

Agreed! A looks clean and straightforward.

upvoted 0 times

...