CompTIA Exam CAS-005 Topic 1 Question 7 Discussion

Actual exam question for CompTIA's CAS-005 exam

Question #: 7
Topic #: 1

[All CAS-005 Questions]

Which of the following is the security engineer most likely doing?

AAssessing log in activities using geolocation to tune impossible Travel rate alerts

BReporting on remote log-in activities to track team metrics

CThreat hunting for suspicious activity from an insider threat

DBaselining user behavior to support advanced analytics

Show Suggested Answer

Suggested Answer: A

In the given scenario, the security engineer is likely examining login activities and their associated geolocations. This type of analysis is aimed at identifying unusual login patterns that might indicate an impossible travel scenario. An impossible travel scenario is when a single user account logs in from geographically distant locations in a short time, which is physically impossible. By assessing login activities using geolocation, the engineer can tune alerts to identify and respond to potential security breaches more effectively.

by Domonique at Dec 08, 2024, 09:59 PM

Limited Time Offer

25%

Off

Get Premium CAS-005 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Lasandra

4 days ago

I think the security engineer is threat hunting for suspicious activity from an insider threat.

upvoted 0 times

...