CompTIA
CAS-002 · Question #186
CAS-002 Question #186: Real Exam Question with Answer & Explanation
Sign in or unlock CAS-002 to reveal the answer and full explanation for question #186. The question stem and answer options stay visible for context.
Question
At 10:35 a.m. a malicious user was able to obtain a valid authentication token which allowed read/write access to the backend database of a financial company. At 10:45 a.m. the security administrator received multiple alerts from the company's statistical anomaly-based IDS about a company database administrator performing unusual transactions. At 10:55 a.m. the security administrator resets the database administrator's password. At 11:00 a.m. the security administrator is still receiving alerts from the IDS about unusual transactions from the same user. Which of the following is MOST likely the cause of the alerts?
Options
- AThe IDS logs are compromised.
- BThe new password was compromised.
- CAn input validation error has occurred.
- DA race condition has occurred.
Unlock CAS-002 to see the answer
You've previewed enough free CAS-002 questions. Unlock CAS-002 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.