CompTIA Related Exams
CAS-005 Exam
A security analyst receives the following SIEM alert for review:
Time | Event
03/07/2025 UTC 13:54:06 | MACHINE: hr_talent_01.corp.local " cd " SUCCESS
03/07/2025 UTC 13:54:07 | MACHINE: hr_talent_01.corp.local " cd ../../ " SUCCESS
03/07/2025 UTC 13:54:08 | MACHINE: hr_talent_01.corp.local " sudo cat /etc/shadow " SUCCESS
Which of the following best describes the incident that occurred on the device?
A company notices that cloud environment costs increased after using a new serverless solution based on API requests. Many invalid requests from unknown IPs were found, often within a short time. Which of the following solutions would most likely solve this issue, reduce cost, and improve security?
A security engineer is developing a solution to meet the following requirements?
• All endpoints should be able to establish telemetry with a SIEM.
• All endpoints should be able to be integrated into the XDR platform.
• SOC services should be able to monitor the XDR platform
Which of the following should the security engineer implement to meet the requirements?