Exam Name: | CompTIA Advanced Security Practitioner (CASP+) Exam | ||
Exam Code: | CAS-004 Dumps | ||
Vendor: | CompTIA | Certification: | CompTIA CASP |
Questions: | 439 Q&A's | Shared By: | orhan |
Given the following log snippet from a web server:
Which of the following BEST describes this type of attack?
A security analyst detected a malicious PowerShell attack on a single server. The malware used the Invoke-Expression function to execute an external malicious script. The security analyst scanned the disk with an antivirus application and did not find any IOCs. The security analyst now needs to deploy a protection solution against this type of malware.
Which of the following BEST describes the type of malware the solution should protect against?
The OS on several servers crashed around the same time for an unknown reason. The servers were restored to working condition, and all file integrity was verified. Which of the following should the incident response team perform to understand the crash and prevent it in the future?
A company suspects a web server may have been infiltrated by a rival corporation. The security engineer reviews the web server logs and finds the following:
The security engineer looks at the code with a developer, and they determine the log entry is created when the following line is run:
Which of the following is an appropriate security control the company should implement?