CAS-005 Question #234: Real Exam Question with Answer & Explanation
The correct answer is C: Audit mode.
Question
An endpoint security engineer finds that a newly acquired company has a variety of non-standard applications running and no defined ownership for those applications. The engineer needs to find a solution that restricts malicious programs and software from running in that environment, while allowing the non-standard applications to function without interruption. Which of the following application control configurations should the engineer apply?
Options
- A. Deny list
- B. Allow list
- C. Audit mode
- D. MAC list
Explanation
Audit mode allows monitoring and logging of applications without enforcing restrictions. This is ideal in environments with non-standard applications and undefined ownership because it enables the engineer to observe the environment and gradually implement control without Audit mode provides critical visibility into the software landscape, ensuring that necessary applications remain functional.