CompTIA Exam CAS-004 Topic 4 Question 37 Discussion

Actual exam question for CompTIA's CAS-004 exam

Question #: 37
Topic #: 4

city government's IT director was notified by the City council that the following cybersecurity requirements must be met to be awarded a large federal grant:

+ Logs for all critical devices must be retained for 365 days to enable monitoring and threat hunting.

+ All privileged user access must be tightly controlled and tracked to mitigate compromised accounts.

+ Ransomware threats and zero-day vulnerabilities must be quickly identified.

Which of the following technologies would BEST satisfy these requirements? (Select THREE).

AEndpoint protection

BLog aggregator

CZero trust network access

DPAM

ECloud sandbox

FSIEM

GNGFW
1. Log aggregator: A log aggregator is a tool that collects, parses, and stores logs from various sources, such as devices, applications, servers, etc.A log aggregator can help meet the requirement of retaining logs for 365 days by providing a centralized and scalable storage solution1.
2. PAM: PAM stands for privileged access management. It is a technology that controls and monitors the access of privileged users (such as administrators) to critical systems and data. PAM can help meet the requirement of controlling and tracking privileged user access by enforcing policies such as least privilege, multifactor authentication, password rotation, session recording, etc. .
2. SIEM: SIEM stands for security information and event management. It is a technology that analyzes and correlates logs from various sources to detect and respond to security incidents. SIEM can help meet the requirement of identifying ransomware threats and zero-day vulnerabilities by providing real-time alerts, threat intelligence feeds, incident response workflows, etc. .

Show Suggested Answer

Suggested Answer: B, D, F

by Cory at Jul 28, 2023, 06:53 AM

Limited Time Offer

25%

Off

Get Premium CAS-004 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!