CompTIACompTIA
CAS-005 · Question #150
CAS-005 Question #150: Real Exam Question with Answer & Explanation
Sign in or unlock CAS-005 to reveal the answer and full explanation for question #150. The question stem and answer options stay visible for context.
Submitted by kev92· Mar 6, 2026Security Operations
Question
A security engineer receives an alert from the SIEM platform indicating a possible malicious action on the internal network. The engineer generates a report that outputs the logs associated with the incident: Which of the following actions best enables the engineer to investigate further?
Options
- AConsulting logs from the enterprise password manager
- BSearching dark web monitoring resources for exposure
- CReviewing audit logs from privileged actions
- DQuerying user behavior analytics data
Unlock CAS-005 to see the answer
You've previewed enough free CAS-005 questions. Unlock CAS-005 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.