DRAG DROP
IT staff within a company often conduct remote desktop sharing sessions with vendors to troubleshoot vendor product-related issues. Drag and drop the following security controls to match the associated security concern.
Options may be used once or not at all.
Select and Place:

Due to locality and budget constraints, an organization's satellite office has a lower bandwidth allocation than other offices. As a result, the local security infrastructure staff is assessing architectural options that will help preserve network bandwidth and increase speed to both internal and external resources while not sacrificing threat visibility.
Which of the following would be the best option to implement?
A. Distributed connection allocationA senior security engineer flags the following log file snippet as having likely facilitated an attacker's lateral movement in a recent breach:

Which of the following solutions, if implemented, would mitigate the risk of this issue reoccurring?
A. Disabling DNS zone transfersA commercial OSINT provider utilizes and reviews data from various sources of publicly available information. The provider is transitioning the subscription service to a model that limit's the scope of available data based on subscription tier.
Which of the following approaches would best ensure subscribers are only granted access to data associated with their tier? (Choose two.)
A. Storing collected data on separate physical media per tierA penetration tester is drafting a report of findings and recommendations. Multiple EOL biomedical devices were compromised using a combination of known-exploit payloads for CVEs and VLAN hopping. The tester acknowledges that the systems cannot be changed or replaced in the hospital due to regulatory, safety, and cost reasons.
Which of the following are the most effective controls for this scenario? (Select two).
A. Deploying an IDS with active response for threat activities from a network tapBefore launching a new web application, an organization would like to perform security testing.
Which of the following resources should the organization use to determine the objectives for the test?
A. CASBA company that relies on an COL system must keep it operating until a new solution is available.
Which of the following is the most secure way to meet this goal?
A. Isolating the system and enforcing firewall rules to allow access to only required endpointsThe Chief Information Security Officer (CISO) reviews some reports indicating that the length of time to patch endpoints with vulnerabilities has been steadily increasing. Many endpoints are missing security agents, and the number of unapproved BYOD endpoints has increased.
Which of the following would be best to address the CISO ' s security concerns?
A. Using an Always On VPN for remote staff to receive patches fasterAn ISAC supplied recent threat intelligence information about pictures used on social media that provide reconnaissance of systems in use in secure facilities. In response, the Chief Information Security Officer (CISO) wants several configuration changes implemented via the MDM to ensure the following: Camera functions and location services are blocked for corporate mobile devices.
All social media is blocked on the corporate and guest wireless networks.
Which of the following is the CISO practicing to safeguard against the threat?
A. Adversary emulationAn organization recently acquired another company that is running a different EDR solution. A SOC analyst wants to automate the isolation of endpoints that are found to be compromised.
Which of the following workflows best mitigates the risk of false positives and reduces the spread of malicious code?
A. Using a SOAR solution to look up entities via a TIP platform and isolate endpoints via APIsNowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CAS-005 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.