Exam Name: | CompTIA Advanced Security Practitioner (CASP+) Exam | ||
Exam Code: | CAS-004 Dumps | ||
Vendor: | CompTIA | Certification: | CompTIA CASP |
Questions: | 439 Q&A's | Shared By: | parker |
A security engineer is working for a service provider and analyzing logs and reports from a new EDR solution, which is installed on a small group of workstations. Later that day, another security engineer receives an email from two developers reporting the software being used for development activities is now blocked. The developers have not made any changes to the software being used. Which of the following is the EDR reporting?
A company is experiencing a large number of attempted network-based attacks against its online store. To determine the best course of action, a security analyst reviews the following logs.
Which of the following should the company do next to mitigate the risk of a compromise from these attacks?
A forensics investigator is analyzing an executable file extracted from storage media that was submitted (or evidence The investigator must use a tool that can identify whether the executable has indicators, which may point to the creator of the file Which of the following should the investigator use while preserving evidence integrity?
A security review of the architecture for an application migration was recently completed. The following observations were made:
• External inbound access is blocked.
• A large amount of storage is available.
• Memory and CPU usage are low.
• The load balancer has only a single server assigned.
• Multiple APIs are integrated.
Which of the following needs to be addressed?