ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CAS-005 All Questions

View all questions & answers for the CAS-005 exam
Go to Exam

Exam CAS-005 topic 1 question 34 discussion

Actual exam question from CompTIA's CAS-005
Question #: 34
Topic #: 1
[All CAS-005 Questions]

An incident response team completed recovery from offline backup for several workstations. The workstations were subjected to a ransomware attack after users fell victim to a spear-phishing campaign, despite a robust training program. Which of the following questions should be considered during the lessons-learned phase to most likely reduce the risk of reoccurrence? (Choose two.)

  • A. Are there opportunities for legal recourse against the originators of the spear-phishing campaign?
  • B. What internal and external stakeholders need to be notified of the breach?
  • C. Which methods can be implemented to increase speed of offline backup recovery?
  • D. What measurable user behaviors were exhibited that contributed to the compromise?
  • E. Which technical controls, if implemented, would provide defense when user training fails?
  • F. Which user roles are most often targeted by spear phishing attacks?
Show Suggested Answer Hide Answer
Suggested Answer: DE 🗳️
by vicbersong at April 25, 2025, 1:54 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
vicbersong
1 week, 6 days ago
Selected Answer: DE
D. What measurable user behaviors were exhibited that contributed to the compromise? Understanding the specific behaviors that led to the compromise is crucial in refining both training and security awareness programs. By analyzing what users did (e.g., opening attachments, clicking links) and correlating that with patterns of failure, the organization can tailor future training and prevention efforts to target those specific behaviors. E. Which technical controls, if implemented, would provide defense when user training fails? Even with robust training programs, users can still fall victim to phishing attacks. Implementing technical controls (like advanced email filtering, multi-factor authentication, or endpoint detection and response systems) can help mitigate the impact when training fails. These defences can provide an additional layer of security to prevent or lessen the severity of successful attacks.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago