Exam : CAS-005
Title : CompTIA SecurityX Certification Exam
1. A security analyst is reviewing the following authentication logs:
Which of the following should the analyst do first?
A. Disable User2's account
B. Disable User12's account
C. Disable User8's account
D. Disable User1's account
Answer: D
Explanation:
Based on the provided authentication logs, we observe that User1's account experienced multiple failed
login attempts within a very short time span (at 8:01:23 AM on 12/15). This pattern indicates a potential
brute-force attack or an attempt to gain unauthorized access. Here’s a breakdown of why disabling
User1's account is the appropriate first step:
Failed Login Attempts: The logs show that User1 had four consecutive failed login attempts:
VM01 at 8:01:23 AM
VM08 at 8:01:23 AM
VM01 at 8:01:23 AM
VM08 at 8:01:23 AM
Security Protocols and Best Practices: According to CompTIA Security+ guidelines, multiple failed login
attempts within a short timeframe should trigger an immediate response to prevent further potential
unauthorized access attempts. This typically involves temporarily disabling the account to stop ongoing
brute-force attacks.
Account Lockout Policy: Implementing an account lockout policy is a standard practice to thwart
brute-force attacks. Disabling User1's account will align with these best practices and prevent further
failed attempts, which might lead to successful unauthorized access if not addressed.
Reference:
CompTIA Security+ SY0-601 Study Guide by Mike Chapple and David Seidl
CompTIA Security+ Certification Exam Objectives
NIST Special Publication 800-63B: Digital Identity Guidelines
By addressing User1's account first, we effectively mitigate the immediate threat of a brute-force attack,
ensuring that further investigation can be conducted without the risk of unauthorized access continuing
during the investigation period.
2. Which of the following AI concerns is most adequately addressed by input sanitation?
A. Model inversion
B. Prompt Injection