CompTIACompTIA
CAS-005 · Question #23
CAS-005 Question #23: Real Exam Question with Answer & Explanation
Sign in or unlock CAS-005 to reveal the answer and full explanation for question #23. The question stem and answer options stay visible for context.
Submitted by jakub_pl· Mar 6, 2026Security Operations
Question
A security analyst wants to use lessons learned from a prior incident response to reduce dwell time in the future. The analyst is using the following data points: Which of the following would the analyst most likely recommend?
Options
- AAdjusting the SIEM to alert on attempts to visit phishing sites
- BAllowing TRACE method traffic to enable better log correlation
- CEnabling alerting on all suspicious administrator behavior
- Dutilizing allow lists on the WAF for all users using GFT methods
Unlock CAS-005 to see the answer
You've previewed enough free CAS-005 questions. Unlock CAS-005 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.