Exam CAS-004 topic 1 question 298 discussion

Actual exam question from CompTIA's CAS-004
Question #: 298
Topic #: 1

An organization does not have visibility into when company-owned assets are off network or not connected via a VPN. The lack of visibility prevents the organization from meeting security and operational objectives. Which of the following cloud-hosted solutions should the organization implement to help mitigate the risk?

  • A. Antivirus
  • B. UEBA
  • C. EDR
  • D. HIDS
Suggested Answer: C

Comments

hb0011
Highly Voted 10 months ago
Selected Answer: C
This question is clearly aiming for EDR
upvoted 6 times
Jhonys
Highly Voted 11 months, 2 weeks ago
Selected Answer: C
While UEBA is a powerful tool for monitoring user behavior and detecting anomalies, it does not necessarily provide visibility or control over assets when they are outside the network. UEBA is more focused on behavior analysis than endpoint visibility. On the other hand, EDR is specifically designed to provide continuous visibility and monitoring of endpoints regardless of their location. It can detect, prevent, and respond to endpoint security incidents, even when company assets are outside the network or not connected through a VPN.
upvoted 5 times
CraZee
Most Recent 9 months, 3 weeks ago
Selected Answer: B
ChatGPT 3.5 still suggests B (as nuel_12 mentioned): B. UEBA (User and Entity Behavior Analytics) User and Entity Behavior Analytics (UEBA) solutions analyze the behavior of users and entities (devices) to detect anomalies and potential security threats. UEBA can help in identifying unusual patterns or activities that may indicate compromised accounts or devices. It doesn't solely rely on network visibility, making it suitable for scenarios where assets are off-network or not connected via a VPN. C. EDR (Endpoint Detection and Response): EDR solutions are designed for detecting and responding to security incidents on endpoints but may require continuous network connectivity.
upvoted 1 times
1aab10b
7 months, 3 weeks ago
ChatGPT 4 suggests - C. EDR (Endpoint Detection and Response) EDR solutions are designed to continuously monitor and collect data from endpoints to provide security teams with the visibility they need to identify, investigate, and respond to threats. Unlike traditional antivirus solutions that primarily focus on preventing known malware threats, EDR solutions offer comprehensive visibility into endpoint activities, including when assets are off the corporate network. EDR capabilities often include behavioral analysis to detect suspicious activities that may indicate a compromise, real-time monitoring, and the ability to remotely respond to incidents. This makes EDR an effective solution for mitigating risks associated with endpoints operating outside the corporate network.
upvoted 3 times
Delab202
10 months, 2 weeks ago
Selected Answer: C
UEBA and EDR are often used together as part of a comprehensive cybersecurity strategy. While UEBA focuses on behavior across the network, EDR provides detailed visibility and control at the endpoint level.
upvoted 5 times
nuel_12
12 months ago
Selected Answer: B
UEBA and EDR provide different levels of visibility into the network. UEBA provides a broader and deeper visibility into the user and entity behavior across the network, while EDR provides a more granular and focused visibility into the endpoint activity and status, FROM CHATGPT
upvoted 1 times
ThatGuyOverThere
1 year ago
Selected Answer: C
I could see why some would pick UEBA but I'm going with EDR because the quest focuses more on assets specifically. It never mentions users which is more of a focus on user behavior (yes, I know, not the ONLY focus). Plus if you are going to choose between only UEBA or only EDR, you should go with EDR and then layer on UEBA when you can.
upvoted 4 times
OdinAtlasSteel
1 year ago
EDR solutions may not provide the same level of visibility for endpoints that are off-network or not connected via a VPN. UEBA solutions, on the other hand, are designed to analyze user and entity behavior across a wider range of data sources, including cloud-based activities and off-network behavior. They are better suited to addressing the specific challenge of visibility into off-network or remote activities. While EDR can play a role in endpoint security, it may not provide the same coverage for scenarios where assets are off-network, making UEBA a more appropriate choice for mitigating the specific risk described in the question.
upvoted 1 times
ThatGuyOverThere
1 year ago
Holy typos, Batman.
upvoted 1 times
32d799a
1 year, 1 month ago
Selected Answer: C
EDR (Endpoint Detection and Response): EDR solutions are designed to provide visibility, detection, and response capabilities directly at the endpoint level.
upvoted 4 times
JackZ
1 year, 1 month ago
Selected Answer: B
UEBA is correct
upvoted 2 times
POWNED
1 year, 1 month ago
Selected Answer: B
The answer is UEBA
upvoted 2 times
JackZ
1 year, 1 month ago
Selected Answer: B
I would like to select B
upvoted 2 times
Ariel235788
1 year, 1 month ago
Selected Answer: B
To gain visibility into company-owned assets when they are off-network or not connected via a VPN, you should implement a User and Entity Behavior Analytics (UEBA) solution. UEBA solutions monitor user and entity behaviors to detect anomalies and potential security threats, even when devices are not directly connected to the corporate network or VPN. This helps in maintaining security and operational objectives by providing insights into activities and potential risks associated with these assets.
upvoted 2 times
CXSSP
1 year, 1 month ago
User and Entity Behavior Analytics (UEBA) is a cloud-hosted solution that focuses on monitoring and analyzing user and entity activities to detect anomalous behavior. It helps organizations gain visibility into user actions, device activities, and network behavior.
upvoted 2 times
CXSSP
1 year, 1 month ago
Selected Answer: B
This should've been B because the device is not connected and off network. EDR is not going to help if the host is offline.
upvoted 2 times