Which of the following is the most likely reason for the inaccurate alerts?
The identity and access management team is sending logs to the SIEM for continuous monitoring. The deployed log collector is forwarding logs to the SIEM. However, only false positive alerts are being generated. Which of the following is the most likely reason for the inaccurate alerts? A. The compute...
Which of the following should the organization most likely leverage to facilitate this activity?
A financial technology firm works collaboratively with business partners in the industry to share threat intelligence within a central platform. This collaboration gives partner organizations the ability to obtain and share data associated with emerging threats from a variety of adversaries. Which of the following should the organization most likely...
Which of the following is the best way to mitigate these vulnerabilities?
After remote desktop capabilities were deployed in the environment, various vulnerabilities were noticed. • Exfiltration of intellectual property • Unencrypted files • Weak user passwords Which of the following is the best way to mitigate these vulnerabilities? (Select two). A. Implementing data loss prevention B. Deploying file integrity monitoring C....
An organization is planning for disaster recovery and continuity of operations.
An organization is planning for disaster recovery and continuity of operations. INSTRUCTIONS Review the following scenarios and instructions. Match each relevant finding to the affected host. After associating scenario 3 with the appropriate host(s), click the host to select the appropriate corrective action for that finding. Each finding may be...
Which of the following assessments is the analyst performing?
A security analyst reviews the following report: Which of the following assessments is the analyst performing? A. System B. Supply chain C. Quantitative D. Organizational Answer: B Explanation: The table shows detailed information about products, including location, chassis manufacturer, OS, application developer, and vendor. This type of information is typically...
Which of the following is most likely the cause of the issue?
A security analyst is troubleshooting the reason a specific user is having difficulty accessing company resources. The analyst reviews the following information: Which of the following is most likely the cause of the issue? A. The local network access has been configured to bypass MFA requirements. B. A network geolocation...
Which of the following should the security engineer do to ensure the logs are being properly retained?
An audit finding reveals that a legacy platform has not retained logs for more than 30 days. The platform has been segmented due to its interoperability with newer technology. As a temporary solution, the IT department changed the log retention to 120 days. Which of the following should the...
Which of the following solutions should the organization implement to best reduce the risk of BYOD devices?
During a gap assessment, an organization notes that BYOD usage is a significant risk. The organization implemented administrative policies prohibiting BYOD usage. However, the organization has not implemented technical controls to prevent the unauthorized use of BYOD assets when accessing the organization's resources. Which of the following solutions should...
A security architect is establishing requirements to design resilience in an enterprise system that will be extended to other physical locations.
A security architect is establishing requirements to design resilience in an enterprise system that will be extended to other physical locations. The system must • Be survivable to one environmental catastrophe • Be recoverable within 24 hours of critical loss of availability • Be resilient to active exploitation of one...
Which of the following is the most appropriate for the engineer to deploy?
A systems engineer is configuring a system baseline for servers that will provide email services. As part of the architecture design, the engineer needs to improve performance of the systems by using an access vector cache, facilitating mandatory access control and protecting against: • Unauthorized reading and modification of data...