CAS-005 Question #259: Real Exam Question with Answer & Explanation
The correct answer is C: Only allow connections from approved IPs.
Question
A building camera is remotely accessed and disabled from the remote console application during off-hours. A security analyst reviews the following logs: Which of the following actions should the analyst take to best mitigate the threat?
Options
- A. Implement WAF protection for the web application.
- B. Upgrade the firmware on the camera.
- C. Only allow connections from approved IPs.
- D. Block IP 104.18.16.29 on the firewall.
Explanation
The logs show successful admin access from both an internal IP (192.168.2.5) and an external IP (104.18.16.29). Since external access during off-hours indicates compromise, the best long-term mitigation is to restrict remote access so only approved IPs can connect. This prevents unauthorized external access while maintaining legitimate internal management.