CAS-005 Exam Results

Step-by-Step Explanation:

Regression testing ensures that new changes do not break existing functionality. It would have identified the memory leak before deployment, preventing downtime.

The best solution is to provide a hash of all data made available (D). Hashing ensures the integrity of the threat intelligence data provided to customers. Clients can verify that the data received via API matches the published hash, ensuring no tampering occurred in transit or at rest. This supports customer trust and aligns with the objective of protecting data integrity while maintaining availability.

Option A (API secret keys) improves authentication and reduces attack surface but does not address integrity or compute efficiency. Option B (publishing IoCs publicly) increases attack surface and reduces control over distribution, which conflicts with security objectives. Option C (rate limiting) helps availability and cost control but does not guarantee data integrity.

By providing hashes, the company ensures customers can validate authenticity regardless of delivery method, reducing the risk of manipulated IoCs. This approach also minimizes compute spend since hashing is lightweight compared to continuous verification processes.

Therefore, the strongest alignment with all stated objectives—availability, reduced spend, reduced attack surface, and integrity—is achieved by providing hashes of all threat intelligence data.

Authenticated scans allow the scanner to verify installed patches and configurations, reducing false positives.

Other options:

A (CMDB updates) improve asset tracking but do not validate patch installations.

C (Advanced fingerprinting) improves accuracy but does not replace authentication.

D (Coordination with teams) is good practice but does not prevent false positives.

When differentiating between valid and invalid findings from vulnerability scans, the systemsadministrator should verify that the scanning credentials are properly configured. Valid credentials ensure that the scanner can authenticate and access the systems being evaluated, providing accurate and comprehensive results. Without proper credentials, scans may miss vulnerabilities or generate false positives, making it difficult to prioritize and address the findings effectively.