CompTIA Exam CAS-003 Topic 5 Question 48 Discussion

Actual exam question for CompTIA's CAS-003 exam

Question #: 48
Topic #: 5

A security engineer is investigating a compromise that occurred between two internal computers. The engineer has determined during the investigation that one computer infected another. While reviewing the IDS logs, the engineer can view the outbound callback traffic but sees no traffic between the two computers. Which of the following would BEST address the IDS visibility gap?

AInstall network taps at the edge of the network.

BSend syslog from the IDS into the SIEM.

CInstall an enterprise antivirus system on each computer.

DSPAN traffic from the network core into the IDS.

Show Suggested Answer

Suggested Answer: D

by Carmelina at May 07, 2022, 04:05 AM

Limited Time Offer

25%

Off

Get Premium CAS-003 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!