Exam CAS-005 topic 1 question 47 discussion

Actual exam question from CompTIA's CAS-005
Question #: 47
Topic #: 1

A security team receives alerts regarding impossible travel and possible brute-force attacks after normal business hours. After reviewing more logs, the team determines that specific users were targeted and attempts were made to transfer data to an unknown site. Which of the following should the team do to help mitigate these issues?

  • A. Create a firewall rule to prevent those users from accessing sensitive data.
  • B. Restrict uploading activity to only authorized sites.
  • C. Enable packet captures to continue to run for the source and destination related to the file transfer.
  • D. Disable login activity for those users after business hours.
Suggested Answer: B

Comments

vicbersong
1 week, 1 day ago
Selected Answer: B
✅ B. Restrict uploading activity to only authorized sites.

🔍 Explanation: The scenario describes signs of a targeted attack (e.g., brute force + impossible travel) that may have resulted in data exfiltration attempts to an unauthorized external site.

To prevent data from being leaked, the most effective control is to: Limit file uploads to trusted, authorized destinations only — for example, blocking uploads to unknown IPs or domains using a DLP solution, CASB, or proxy.

This approach directly mitigates the core issue: preventing unauthorized data transfers even if an account is compromised.
upvoted 1 times
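
The control described in the comment above, as an added example that is not part of the original post or of any DLP, CASB or proxy product: a small allowlist decision over proxy request records that blocks uploads to any destination not explicitly authorized, including hostnames that merely resemble an authorized one. The domain names, record fields and function names are assumptions made up for illustration, and the sample records are constructed.

```python
from urllib.parse import urlsplit

# Assumption: hypothetical authorized upload destinations (not from the page).
AUTHORIZED_UPLOAD_DOMAINS = {"files.corp.example", "sharepoint.example"}
UPLOAD_METHODS = {"POST", "PUT", "PATCH"}


def normalize_host(url):
    """Return the lowercase hostname without a trailing dot, or None."""
    host = urlsplit(url).hostname  # drops userinfo ("user@") and port
    return host.rstrip(".").lower() if host else None


def is_authorized(host):
    """Exact match, or a true subdomain (label boundary) of an authorized domain."""
    return any(host == d or host.endswith("." + d)
               for d in AUTHORIZED_UPLOAD_DOMAINS)


def decide(record):
    """Return 'allow' or 'block' for one proxy request record."""
    if record["method"].upper() not in UPLOAD_METHODS:
        return "allow"  # this policy only restricts uploads
    host = normalize_host(record["url"])
    if host is None or not is_authorized(host):
        return "block"  # default deny for unknown upload destinations
    return "allow"


# Constructed sample records, not real traffic.
SAMPLE = [
    {"user": "alice", "method": "PUT", "url": "https://files.corp.example/q3.xlsx"},
    {"user": "alice", "method": "POST", "url": "https://eu.sharepoint.example:443/up"},
    {"user": "bob", "method": "POST", "url": "https://unknown-site.test/drop"},
    {"user": "bob", "method": "POST", "url": "https://sharepoint.example.unknown-site.test/u"},
    {"user": "bob", "method": "POST", "url": "https://notsharepoint.example/u"},
    {"user": "bob", "method": "POST", "url": "https://files.corp.example@unknown-site.test/u"},
    {"user": "bob", "method": "GET", "url": "https://unknown-site.test/index.html"},
]


def blocked_uploads(records):
    """List (user, host) for every upload the policy would block."""
    return [(r["user"], normalize_host(r["url"]))
            for r in records if decide(r) == "block"]


if __name__ == "__main__":
    for user, host in blocked_uploads(SAMPLE):
        print(f"BLOCK upload by {user} to {host}")
```

The blocked records are also the ones worth alerting on, since an upload attempt to an unlisted destination from a targeted account is the behavior the scenario describes.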