
CAS-005 Question #499: Real Exam Question with Answer & Explanation


Submitted by omar99 · Mar 6, 2026 · Security Engineering

Question

A security architect performs a baseline review on the SIEM. The findings indicate that multiple use cases are missing and coverage is limited for defense evasion techniques. Which of the following processes best describes what the architect should do?

Options

  • A. Implement a TIP on the internal network to facilitate the creation of a use case.
  • B. Perform a penetration test on critical devices and document IOCs for use cases.
  • C. Create a list of use cases based on Snort detection rules.
  • D. Use Sigma to build the logic of the use cases and testing on the SIEM.
