New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

CAS-005 CompTIA Exam Lab Questions

Page: 7 / 9
Total 117 questions

CompTIA SecurityX Certification Exam Questions and Answers

Question 25

Which of the following is the security engineer most likely doing?

Options:

A.

Assessing log in activities using geolocation to tune impossible Travel rate alerts

B.

Reporting on remote log-in activities to track team metrics

C.

Threat hunting for suspicious activity from an insider threat

D.

Baselining user behavior to support advanced analytics

Question 26

An organization is implementing Zero Trust architecture A systems administrator must increase the effectiveness of the organization's context-aware access system. Which of the following is the best way to improve the effectiveness of the system?

Options:

A.

Secure zone architecture

B.

Always-on VPN

C.

Accurate asset inventory

D.

Microsegmentation

Question 27

A security configure is building a solution to disable weak CBC configuration for remote access connections lo Linux systems. Which of the following should the security engineer modify?

Options:

A.

The /etc/openssl.conf file, updating the virtual site parameter

B.

The /etc/nsswith.conf file, updating the name server

C.

The /etc/hosts file, updating the IP parameter

D.

The /etc/etc/sshd, configure file updating the ciphers

Question 28

A security engineer needs 10 secure the OT environment based on me following requirements

• Isolate the OT network segment

• Restrict Internet access.

• Apply security updates two workstations

• Provide remote access to third-party vendors

Which of the following design strategies should the engineer implement to best meet these requirements?

Options:

A.

Deploy a jump box on the third party network to access the OT environment and provide updates using a physical delivery method on the workstations

B.

Implement a bastion host in the OT network with security tools in place to monitor access and use a dedicated update server for the workstations.

C.

Enable outbound internet access on the OT firewall to any destination IP address and use the centralized update server for the workstations

D.

Create a staging environment on the OT network for the third-party vendor to access and enable automatic updates on the workstations.

Page: 7 / 9
Total 117 questions