CompTIA Exam CAS-005 Topic 4 Question 9 Discussion

Actual exam question for CompTIA's CAS-005 exam

Question #: 9
Topic #: 4

[All CAS-005 Questions]

Which of the following is the security engineer most likely doing?

AAssessing log in activities using geolocation to tune impossible Travel rate alerts

BReporting on remote log-in activities to track team metrics

CThreat hunting for suspicious activity from an insider threat

DBaselining user behavior to support advanced analytics

Show Suggested Answer

Suggested Answer: A

In the given scenario, the security engineer is likely examining login activities and their associated geolocations. This type of analysis is aimed at identifying unusual login patterns that might indicate an impossible travel scenario. An impossible travel scenario is when a single user account logs in from geographically distant locations in a short time, which is physically impossible. By assessing login activities using geolocation, the engineer can tune alerts to identify and respond to potential security breaches more effectively.

by Caitlin at Jan 23, 2025, 09:24 AM

Limited Time Offer

25%

Off

Get Premium CAS-005 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!