CompTIACompTIA
CAS-005 · Question #70
CAS-005 Question #70: Real Exam Question with Answer & Explanation
Sign in or unlock CAS-005 to reveal the answer and full explanation for question #70. The question stem and answer options stay visible for context.
Submitted by kwame.gh· Mar 6, 2026Security Operations
Question
A security analyst is reviewing suspicious log-in activity and sees the following data in the SIEM: Which of the following is the most appropriate action for the analyst to take?
Options
- AUpdate the log configuration settings on the directory server that Is not being captured properly.
- BHave the admin account owner change their password to avoid credential stuffing.
- CBlock employees from logging in to applications that are not part of their business area.
- Dimplement automation to disable accounts that nave been associated with high-risk activity.
Unlock CAS-005 to see the answer
You've previewed enough free CAS-005 questions. Unlock CAS-005 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.