CompTIA
CAS-003 · Question #549
CAS-003 Question #549: Real Exam Question with Answer & Explanation
Sign in or unlock CAS-003 to reveal the answer and full explanation for question #549. The question stem and answer options stay visible for context.
Question
A technician receives the following security alert from the firewall's automated system: Evidence: host repeatedly visited a dynamic DNS domain (17 time) After reviewing the alert, which of the following is the BEST analysis?
Exhibit
Options
- Athe alert is a false positive because DNS is a normal network function.
- Bthis alert indicates a user was attempting to bypass security measures using dynamic DNS.
- Cthis alert was generated by the SIEM because the user attempted too many invalid login attempts.
- Dthis alert indicates an endpoint may be infected and is potentially contacting a suspect host.
Unlock CAS-003 to see the answer
You've previewed enough free CAS-003 questions. Unlock CAS-003 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.