CAS-005 Free Practice Questions: "CompTIA SecurityX Certification"
A security engineer receives an alert from the SIEM platform indicating a possible malicious action on the internal network. The engineer generates a report that outputs the logs associated with the incident:
Which of the following actions best enables the engineer to investigate further?
Correct answer: D
SIMULATION
A product development team has submitted code snippets for review prior to release.
INSTRUCTIONS
Analyze the code snippets, and then select one vulnerability, and one fix for each code snippet.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Code Snippet 1
Code Snippet 2
Correct answer:
A financial technology firm works collaboratively with business partners in the industry to share threat intelligence within a central platform. This collaboration gives partner organizations the ability to obtain and share data associated with emerging threats from a variety of adversaries.
Which of the following should the organization most likely leverage to facilitate this activity?
(Choose two.)
Correct answer: C, F
Company A and Company D are merging. Company A's compliance reports indicate branch protections are not in place. A security analyst needs to ensure that potential threats to the software development life cycle are addressed. Which of the following should the analyst consider when completing this task?
Correct answer: A
A company has integrated source code from a subcontractor into its security product. The subcontractor is located in an adversarial country and has informed the company of a requirement to escrow the source code with the subcontractor's government. Which of the following is a potential security risk arising from this situation?
Correct answer: A
Developers have been creating and managing cryptographic material on their personal laptops for use in a production environment. A security engineer needs to initiate a more secure process.
Which of the following is the best strategy for the engineer to use?
Correct answer: B
A company acquires a location with a large infrastructure of legacy devices. Because of the hardware's age and the legacy software's limitations, the OS cannot be upgraded, and the machines cannot be virtualized. These machines are not publicly facing, but they do have internet access. The following controls are currently in place:
- EDR
- Anti-malware
- Logging and monitoring
- Host-based firewall
- Proxied internet access
A security architect needs to supplement the existing control strategy with one that restricts unauthorized software. Which of the following controls should the architect recommend to best supplement the existing environment?
Correct answer: D
A security officer received several complaints from users about excessive MFA push notifications at night. The security team investigates and suspects malicious activities regarding user account authentication. Which of the following is the best way for the security officer to restrict MFA notifications?
Correct answer: B
A systems engineer is configuring a system baseline for servers that will provide email services.
As part of the architecture design, the engineer needs to improve performance of the systems by using an access vector cache, facilitating mandatory access control and protecting against:
- Unauthorized reading and modification of data and programs
- Bypassing application security mechanisms
- Privilege escalation
- Interference with other processes
Which of the following is the most appropriate for the engineer to deploy?
Correct answer: D
A security analyst detects a possible RAT infection on a computer in the internal network. After reviewing the details of the alert, the analyst identifies the initial vector of the attack was an email that was forwarded to multiple recipients in the same organizational unit. Which of the following should the analyst do first to minimize this type of threat in the future?
Correct answer: C