CAS-005 Question #246: Real Exam Question with Answer & Explanation

Sign in or unlock CAS-005 to reveal the answer and full explanation for question #246. The question stem and answer options stay visible for context.

Submitted by alyssa_d· Mar 6, 2026Security Operations

Question

A security engineer wants to stay up-to-date on new detections that are released on a regular basis. The engineer's organization uses multiple tools rather than one specific vendor security stack. Which of the following rule-based languages is the most appropriate to use as a baseline for detection rules with the multiple security tool setup?

Options

ASigma
BYARA
CSnort
DRita

Unlock CAS-005 to see the answer

You've previewed enough free CAS-005 questions. Unlock CAS-005 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock CAS-005 - $49.99 / 30 days Sign in

Full CAS-005 Practice Browse All CAS-005 Questions