ExamGecko
Login
Home / CompTIA / CAS-005 / List of questions
Ask Question

CompTIA CAS-005 Practice Test - Questions Answers, Page 8

Add to Whishlist

List of questions

Question 71

Report Export Collapse

Company A and Company D ate merging Company A's compliance reports indicate branch protections are not in place A security analyst needs to ensure that potential threats to the software development life cycle are addressed. Which of the following should me analyst cons<der when completing this basic?

Become a Premium Member for full access
  Unlock Premium Member

Question 72

Report Export Collapse

A security analyst discovered requests associated with IP addresses known for born legitimate 3nd bot-related traffic. Which of the following should the analyst use to determine whether the requests are malicious?

Become a Premium Member for full access
  Unlock Premium Member

Question 73

Report Export Collapse

An organization is required to

* Respond to internal and external inquiries in a timely manner

* Provide transparency.

* Comply with regulatory requirements

The organization has not experienced any reportable breaches but wants to be prepared if a breach occurs in the future. Which of the following is the best way for the organization to prepare?

Become a Premium Member for full access
  Unlock Premium Member

Question 74

Report Export Collapse

A security analyst is reviewing the following event timeline from an COR solution:

CompTIA CAS-005 image Question 74 6387507421844471769255

Which of the following most likely has occurred and needs to be fixed?

Become a Premium Member for full access
  Unlock Premium Member

Question 75

Report Export Collapse

A security engineer is developing a solution to meet the following requirements?

* All endpoints should be able to establish telemetry with a SIEM.

* All endpoints should be able to be integrated into the XDR platform.

* SOC services should be able to monitor the XDR platform

Which of the following should the security engineer implement to meet the requirements?

Become a Premium Member for full access
  Unlock Premium Member

Question 76

Report Export Collapse

A systems administrator wants to reduce the number of failed patch deployments in an organization. The administrator discovers that system owners modify systems or applications in an ad hoc manner. Which of the following is the best way to reduce the number of failed patch deployments?

Become a Premium Member for full access
  Unlock Premium Member

Question 77

Report Export Collapse

An audit finding reveals that a legacy platform has not retained loos for more than 30 days The platform has been segmented due to its interoperability with newer technology. As a temporary solution, the IT department changed the log retention to 120 days. Which of the following should the security engineer do to ensure the logs are being properly retained?

Become a Premium Member for full access
  Unlock Premium Member

Question 78

Report Export Collapse

A company wants to invest in research capabilities with the goal to operationalize the research output. Which of the following is the best option for a security architect to recommend?

Become a Premium Member for full access
  Unlock Premium Member

Question 79

Report Export Collapse

Which of the following is the main reason quantum computing advancements are leading companies and countries to deploy new encryption algorithms?

Become a Premium Member for full access
  Unlock Premium Member

Question 80

Report Export Collapse

A network engineer must ensure that always-on VPN access is enabled Curt restricted to company assets Which of the following best describes what the engineer needs to do''

Become a Premium Member for full access
  Unlock Premium Member
Total 198 questions
Go to page: of 20
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A global company's Chief Financial Officer (CFO) receives a phone call from someone claiming to be the Chief Executive Officer (CEO). The caller claims to be stranded and in desperate need of money. The CFO is suspicious, but the caller's voice sounds similar to the CEO's. Which of the following best describes this type of attack?
A security engineer must ensure that sensitive corporate information is not exposed if a company laptop is stolen. Which of the following actions best addresses this requirement?
Which of the following best describes the challenges associated with widespread adoption of homomorphic encryption techniques?
Which of the following best describes the reason PQC preparation is important?
A company is preparing to move a new version of a web application to production. No issues were reported during security scanning or quality assurance in the CI/CD pipeline. Which of the following actions should the company take next?
A cloud engineer wants to configure mail security protocols to support email authenticity and enable the flow of email security information to a third-party platform for further analysis. Which of the following must be configured to achieve these requirements? (Select two).
An external threat actor attacks public infrastructure providers. In response to the attack and during follow-up activities, various providers share information obtained during response efforts. After the attack, energy sector companies share their status and response data: Company SIEM UEBA DLP ISAC Member TIP Integration Time to Detect Time to Respond 1 Yes No Yes Yes Yes 10 minutes 20 minutes 2 Yes Yes Yes Yes No 20 minutes 40 minutes 3 Yes Yes No No Yes 12 minutes 24 minutes Which of the following is the most important issue to address to defend against future attacks?
An organization is prioritizing efforts to remediate or mitigate risks identified during the latest assessment. For one of the risks, a full remediation was not possible, but the organization was able to successfully apply mitigations to reduce the likelihood of the impact. Which of the following should the organization perform next?
An auditor is reviewing the logs from a web application to determine the source of an incident. The web application architecture includes an internet-accessible application load balancer, a number of web servers in a private subnet, application servers, and one database server in a tiered configuration. The application load balancer cannot store the logs. The following are sample log snippets: Web server logs: 192.168.1.10 - - [24/Oct/2020 11:24:34 +05:00] 'GET /bin/bash' HTTP/1.1' 200 453 Safari/536.36 192.168.1.10 - - [24/Oct/2020 11:24:35 +05:00] 'GET / HTTP/1.1' 200 453 Safari/536.36 Application server logs: 24/Oct/2020 11:24:34 +05:00 - 192.168.2.11 - request does not match a known local user. Querying DB 24/Oct/2020 11:24:35 +05:00 - 192.168.2.12 - root path. Begin processing Database server logs: 24/Oct/2020 11:24:34 +05:00 [Warning] 'option read_buffer_size1 unassigned value 0 adjusted to 2048 24/Oct/2020 11:24:35 +05:00 [Warning] CA certificate ca.pem is self-signed. Which of the following should the auditor recommend to ensure future incidents can be traced back to the sources?
Which of the following are risks associated with vendor lock-in? (Select two).