
CAS-003 · Question #797

CAS-003 Question #797: Real Exam Question with Answer & Explanation

Question

A company in the financial sector receives a substantial number of customer transaction requests via email. While doing a root-cause analysis concerning a security breach, the CIRT correlates an unusual spike in port 80 traffic from the IP address of a desktop used by a customer relations employee who has access to several of the compromised accounts. Subsequent antivirus scans of the device do not return any findings, but the CIRT finds undocumented services running on the device. Which of the following controls would reduce the discovery time for similar incidents in the future?

Options

  • A. Implementing application blacklisting
  • B. Configuring the mail to quarantine incoming attachments automatically
  • C. Deploying host-based firewalls and shipping the logs to the SIEM
  • D. Increasing the cadence for antivirus DAT updates to twice daily
