ExamGecko
Login
Home / CompTIA / CAS-005 / List of questions
Ask Question

CompTIA CAS-005 Practice Test - Questions Answers, Page 18

Add to Whishlist

List of questions

Question 171

Report Export Collapse

Which of the following supports the process of collecting a large pool of behavioral observations to inform decision-making?

Become a Premium Member for full access
  Unlock Premium Member

Question 172

Report Export Collapse

A security analyst is using data provided from a recent penetration test to calculate CVSS scores to prioritize remediation. Which of the following metric groups would the analyst need to determine to get the overall scores? (Select three).

Become a Premium Member for full access
  Unlock Premium Member

Question 173

Report Export Collapse

A security analyst is reviewing the following vulnerability assessment report:

192.168.1.5, Host = Server1, CVSS 7.5, Web Server, Remotely Executable = Yes, Exploit = Yes

205.1.3.5, Host = Server2, CVSS 6.5, Bind Server, Remotely Executable = Yes, Exploit = POC

207.1.5.7, Host = Server3, CVSS 5.5, Email Server, Remotely Executable = Yes, Exploit = Yes

192.168.1.6, Host = Server4, CVSS 9.8, Domain Controller, Remotely Executable = Yes, Exploit = Yes

Which of the following should be patched first to minimize attacks against internet-facing hosts?

Become a Premium Member for full access
  Unlock Premium Member

Question 174

Report Export Collapse

PKI can be used to support security requirements in the change management process. Which of the following capabilities does PKI provide for messages?

Become a Premium Member for full access
  Unlock Premium Member

Question 175

Report Export Collapse

A user from the sales department opened a suspicious file attachment. The sales department then contacted the SOC to investigate a number of unresponsive systems, and the team successfully identified the file and the origin of the attack. Which of the following is the next step of the incident response plan?

Become a Premium Member for full access
  Unlock Premium Member

Question 176

Report Export Collapse

A security analyst is performing a review of a web application. During testing as a standard user, the following error log appears:

Error Message in Database Connection

Connection to host USA-WebApp-Database failed

Database 'Prod-DB01' not found

Table 'CustomerInfo' not found

Please retry your request later

Which of the following best describes the analyst's findings and a potential mitigation technique?

Become a Premium Member for full access
  Unlock Premium Member

Question 177

Report Export Collapse

A company wants to improve and automate the compliance of its cloud environments to meet industry standards. Which of the following resources should the company use to best achieve this goal?

Become a Premium Member for full access
  Unlock Premium Member

Question 178

Report Export Collapse

A security architect is mitigating a vulnerability that previously led to a web application data breach. An analysis into the root cause of the issue finds the following:

An administrator's account was hijacked and used on several Autonomous System Numbers within 30 minutes.

All administrators use named accounts that require multifactor authentication.

Single sign-on is used for all company applications.

Which of the following should the security architect do to mitigate the issue?

Become a Premium Member for full access
  Unlock Premium Member

Question 179

Report Export Collapse

An organization currently has IDS, firewall, and DLP systems in place. The systems administrator needs to integrate the tools in the environment to reduce response time. Which of the following should the administrator use?

Become a Premium Member for full access
  Unlock Premium Member

Question 180

Report Export Collapse

A global organization wants to manage all endpoint and user telemetry. The organization also needs to differentiate this data based on which office it is correlated to. Which of the following strategies best aligns with this goal?

Become a Premium Member for full access
  Unlock Premium Member
Total 198 questions
Go to page: of 20
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A global company's Chief Financial Officer (CFO) receives a phone call from someone claiming to be the Chief Executive Officer (CEO). The caller claims to be stranded and in desperate need of money. The CFO is suspicious, but the caller's voice sounds similar to the CEO's. Which of the following best describes this type of attack?
A security engineer must ensure that sensitive corporate information is not exposed if a company laptop is stolen. Which of the following actions best addresses this requirement?
Which of the following best describes the challenges associated with widespread adoption of homomorphic encryption techniques?
Which of the following best describes the reason PQC preparation is important?
A company is preparing to move a new version of a web application to production. No issues were reported during security scanning or quality assurance in the CI/CD pipeline. Which of the following actions should the company take next?
A cloud engineer wants to configure mail security protocols to support email authenticity and enable the flow of email security information to a third-party platform for further analysis. Which of the following must be configured to achieve these requirements? (Select two).
An external threat actor attacks public infrastructure providers. In response to the attack and during follow-up activities, various providers share information obtained during response efforts. After the attack, energy sector companies share their status and response data: Company SIEM UEBA DLP ISAC Member TIP Integration Time to Detect Time to Respond 1 Yes No Yes Yes Yes 10 minutes 20 minutes 2 Yes Yes Yes Yes No 20 minutes 40 minutes 3 Yes Yes No No Yes 12 minutes 24 minutes Which of the following is the most important issue to address to defend against future attacks?
An organization is prioritizing efforts to remediate or mitigate risks identified during the latest assessment. For one of the risks, a full remediation was not possible, but the organization was able to successfully apply mitigations to reduce the likelihood of the impact. Which of the following should the organization perform next?
An auditor is reviewing the logs from a web application to determine the source of an incident. The web application architecture includes an internet-accessible application load balancer, a number of web servers in a private subnet, application servers, and one database server in a tiered configuration. The application load balancer cannot store the logs. The following are sample log snippets: Web server logs: 192.168.1.10 - - [24/Oct/2020 11:24:34 +05:00] 'GET /bin/bash' HTTP/1.1' 200 453 Safari/536.36 192.168.1.10 - - [24/Oct/2020 11:24:35 +05:00] 'GET / HTTP/1.1' 200 453 Safari/536.36 Application server logs: 24/Oct/2020 11:24:34 +05:00 - 192.168.2.11 - request does not match a known local user. Querying DB 24/Oct/2020 11:24:35 +05:00 - 192.168.2.12 - root path. Begin processing Database server logs: 24/Oct/2020 11:24:34 +05:00 [Warning] 'option read_buffer_size1 unassigned value 0 adjusted to 2048 24/Oct/2020 11:24:35 +05:00 [Warning] CA certificate ca.pem is self-signed. Which of the following should the auditor recommend to ensure future incidents can be traced back to the sources?
Which of the following are risks associated with vendor lock-in? (Select two).