CAS-005 exam

The identity and access management team is sending logs to the SIEM for continuous monitoring. The deployed log collector is forwarding logs to the SIEM. However, only false positive alerts are being generated . Which of the following is the most likely reason for the inaccurate alerts?A . The compute...

A natural disaster may disrupt operations at Site A, which would then cause unreliable internet connectivity at Site B due to route flapping. INSTRUCTIONS Match each relevant finding to the affected host by clicking on the host name and selecting the appropriate number. For findings 1 and 2, select the...

You are a security analyst tasked with interpreting an Nmap scan output from company’s privileged network. The company’s hardening guidelines indicate the following: There should be one primary server or service per device. Only default ports should be used. Non-secure protocols should be disabled. INSTRUCTIONS Using the Nmap output, identify...

A compliance officer is reviewing the data sovereignty laws in several countries where the organization has no presence. Which of the following is the most likely reason for reviewing these laws? A. The organization is performing due diligence of potential tax issues. B. The organization has been subject to legal...

A security analyst is reviewing the following log: Which of the following possible events should the security analyst investigate further?A . A macro that was prevented from runningB . A text file containing passwords that were leakedC . A malicious file that was run in this environmentD . A PDF...

During a gap assessment, an organization notes that OYOD usage is a significant risk. The organization implemented administrative policies prohibiting BYOD usage However, the organization has not implemented technical controls to prevent the unauthorized use of BYOD assets when accessing the organization's resources . Which of the following solutions should...

A central bank implements strict risk mitigations for the hardware supply chain, including an allow list for specific countries of origin . Which of the following best describes the cyberthreat to the bank?A . Ability to obtain components during wartimeB . Fragility and other availability attacksC . Physical Implants and...

A security configure is building a solution to disable weak CBC configuration for remote access connections lo Linux systems . Which of the following should the security engineer modify?A . The /etc/openssl.conf file, updating the virtual site parameterB . The /etc/nsswith.conf file, updating the name serverC . The /etc/hosts file,...

A company wants to use loT devices to manage and monitor thermostats at all facilities The thermostats must receive vendor security updates and limit access to other devices within the organization. Which of the following best addresses the company's requirements''A . Only allowing Internet access to a set of specific...

A security analyst discovered requests associated with IP addresses known for born legitimate 3nd bot-related traffic . Which of the following should the analyst use to determine whether the requests are malicious?A . User-agent stringB . Byte length of the requestC . Web application headersD . HTML encoding fieldView AnswerAnswer:...