CompTIA
CAS-001 · Question #350
CAS-001 Question #350: Real Exam Question with Answer & Explanation
Sign in or unlock CAS-001 to reveal the answer and full explanation for question #350. The question stem and answer options stay visible for context.
Question
At 10:35 a.m. a malicious user was able to obtain a valid authentication token which allowed read/write access to the backend database of a financial company. At 10:45 a.m. the security administrator received multiple alerts from the company's statistical anomaly-based IDS about a company database administrator performing unusual transactions. At 10:55 a.m. the security administrator resets the database administrator's password. At 11:00 a.m. the security administrator is still receiving alerts from the IDS about unusual transactions from the same user. Which of the following is MOST likely the cause of the alerts?
Options
- AThe IDS logs are compromised.
- BThe new password was compromised.
- CAn input validation error has occurred.
- DA race condition has occurred.
Unlock CAS-001 to see the answer
You've previewed enough free CAS-001 questions. Unlock CAS-001 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.