- Home
- CompTIA
- CompTIA Advanced Security Practitioner (CASP+) Exam
- CompTIA.CAS-004.v2025-06-30.q245
- Question 45
Valid CAS-004 Dumps shared by ExamDiscuss.com for Helping Passing CAS-004 Exam! ExamDiscuss.com now offer the newest CAS-004 exam dumps, the ExamDiscuss.com CAS-004 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com CAS-004 dumps with Test Engine here:
Access CAS-004 Dumps Premium Version
(620 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 45/245
After investigating a recent security incident, a SOC analyst is charged with creating a reference guide for the entire team to use. Which of the following should the analyst create to address future incidents?
Correct Answer: C
A runbook is a detailed guide that provides step-by-step instructions on how to respond to specific types of incidents. It is used by the SOC team to ensure a consistent, organized, and efficient response to incidents. In this case, after the incident investigation, creating a runbook would help standardize the response process for future security incidents, enabling the team to act quickly and effectively. CASP+ emphasizes the importance of having detailed runbooks for incident response as part of an organization's overall incident response strategy.
References:
* CASP+ CAS-004 Exam Objectives: Domain 2.0 - Enterprise Security Operations (Incident Response and Runbooks)
* CompTIA CASP+ Study Guide: Incident Response Procedures and Runbooks
References:
* CASP+ CAS-004 Exam Objectives: Domain 2.0 - Enterprise Security Operations (Incident Response and Runbooks)
* CompTIA CASP+ Study Guide: Incident Response Procedures and Runbooks
- Question List (245q)
- Question 1: A recent data breach stemmed from unauthorized access to an ...
- Question 2: A security engineer needs 10 implement a CASB to secure empl...
- Question 3: A networking team was asked to provide secure remote access ...
- Question 4: A developer needs to implement PKI in an autonomous vehicle'...
- Question 5: Device event logs sources from MDM software as follows: (Exh...
- Question 6: A company created an external application for its customers....
- Question 7: A security engineer has learned that terminated employees' a...
- Question 8: An organization needs to classify its systems and data in ac...
- Question 9: A company undergoing digital transformation is reviewing the...
- Question 10: An enterprise is undergoing an audit to review change manage...
- Question 11: A security engineer has been informed by the firewall team t...
- Question 12: An analyst determined that the current process for manually ...
- Question 13: An attacker infiltrated an electricity-generation site and d...
- Question 14: A company recently deployed a SIEM and began importing logs ...
- Question 15: A security analyst discovered that the company's WAF was not...
- Question 16: When implementing serverless computing an organization must ...
- Question 17: A security technician is trying to connect a remote site to ...
- Question 18: A company plans to build an entirely remote workforce that u...
- Question 19: A security engineer performed an assessment on a recently de...
- Question 20: An organization's assessment of a third-party, non-critical ...
- Question 21: A company has decided to purchase a license for software tha...
- Question 22: In a cloud environment, the provider offers relief to an org...
- Question 23: During a recent security incident investigation, a security ...
- Question 24: The goal of a Chief information Security Officer (CISO) prov...
- Question 25: A DNS forward lookup zone named complia.org must: * Ensure t...
- Question 26: Ransomware encrypted the entire human resources fileshare fo...
- Question 27: An employee's device was missing for 96 hours before being r...
- Question 28: Law enforcement officials informed an organization that an i...
- Question 29: A forensics investigator is analyzing an executable file ext...
- Question 30: A company suspects a web server may have been infiltrated by...
- Question 31: A security consultant has been asked to identify a simple, s...
- Question 32: A new web server must comply with new secure-by-design princ...
- Question 33: A software developer must choose encryption algorithms to se...
- Question 34: An organization's finance system was recently attacked. A fo...
- Question 35: A security researcher identified the following messages whil...
- Question 36: A developer wants to maintain integrity to each module of a ...
- Question 37: A security engineer is working for a service provider and an...
- Question 38: An analyst reviews the following output collected during the...
- Question 39: A security administrator wants to enable a feature that woul...
- Question 40: A forensic investigator would use the foremost command for:...
- Question 41: A SIEM generated an alert after a third-party database admin...
- Question 42: An e-commerce company is running a web server on premises, a...
- Question 43: As part of its risk strategy, a company is considering buyin...
- Question 44: A company is moving most of its customer-facing production s...
- Question 45: After investigating a recent security incident, a SOC analys...
- Question 46: A security consultant is designing an infrastructure securit...
- Question 47: A company that provides services to clients who work with hi...
- Question 48: A security team received a regulatory notice asking for info...
- Question 49: Over the last 90 days, many storage services has been expose...
- Question 50: An energy company is required to report the average pressure...
- Question 51: Which of the following BEST sets expectation between the sec...
- Question 52: An IT department is currently working to implement an enterp...
- Question 53: A security engineer is concerned about the threat of side-ch...
- Question 54: An application security engineer is performing a vulnerabili...
- Question 55: A Chief Information Officer is considering migrating all com...
- Question 56: A home automation company just purchased and installed tools...
- Question 57: A software development company is building a new mobile appl...
- Question 58: A security analyst runs a vulnerability scan on a network ad...
- Question 59: A security analyst is reviewing the following output from a ...
- Question 60: A company just released a new video card. Due to limited sup...
- Question 61: A security engineer has been asked to close all non-secure c...
- Question 62: Which of the following is the primary reason that a risk pra...
- Question 63: A high-severity vulnerability was found on a web application...
- Question 64: The CI/CD pipeline requires code to have close to zero defec...
- Question 65: A network administrator for a completely air-gapped and clos...
- Question 66: An internal security assessor identified large gaps in a com...
- Question 67: A large organization is planning to migrate from on premises...
- Question 68: A junior developer is informed about the impact of new malwa...
- Question 69: Ann, a CIRT member, is conducting incident response activiti...
- Question 70: An organization does not have visibility into when company-o...
- Question 71: An ISP is receiving reports from a portion of its customers ...
- Question 72: A security analyst is reviewing the following output: (Exhib...
- Question 73: A security architect works for a manufacturing organization ...
- Question 74: The general counsel at an organization has received written ...
- Question 75: A university issues badges through a homegrown identity mana...
- Question 76: A security manager has written an incident response playbook...
- Question 77: A developer is creating a new mobile application for a compa...
- Question 78: A security engineer needs to implement a solution to increas...
- Question 79: A company's BIA indicates that any loss of more than one hou...
- Question 80: While investigating a security event, an analyst finds evide...
- Question 81: A company that uses AD is migrating services from LDAP to se...
- Question 82: A disaster recovery team learned of several mistakes that we...
- Question 83: An organization recently recovered from an attack that featu...
- Question 84: PKI can be used to support security requirements in the chan...
- Question 85: A security engineer is reviewing metrics for a series of bug...
- Question 86: A security engineer is trying to identify instances of a vul...
- Question 87: During the development process, the team identifies major co...
- Question 88: Which of the following is record-level encryption commonly u...
- Question 89: To bring digital evidence in a court of law the evidence mus...
- Question 90: A company processes data subject to NDAs with partners that ...
- Question 91: A SOC analyst is reviewing malicious activity on an external...
- Question 92: A company is on a deadline to roll out an entire CRM platfor...
- Question 93: A small bank is evaluating different methods to address and ...
- Question 94: A hospitality company experienced a data breach that include...
- Question 95: A security engineer is creating a single CSR for the followi...
- Question 96: A mobile device hardware manufacturer receives the following...
- Question 97: Users are reporting intermittent access issues with & ne...
- Question 98: A security engineer needs to ensure production containers ar...
- Question 99: A software developer created an application for a large, mul...
- Question 100: A shipping company that is trying to eliminate entire classe...
- Question 101: A cybersecurity analyst discovered a private key that could ...
- Question 102: Which of the following is the best reason for obtaining file...
- Question 103: A security engineer needs to implement a cost-effective auth...
- Question 104: A security architect must mitigate the risks from what is su...
- Question 105: A security solution uses a sandbox environment to execute ze...
- Question 106: A security analyst needs to recommend a remediation to the f...
- Question 107: An organization is assessing the security posture of a new S...
- Question 108: The Chief Information Security Officer (CISO) is working wit...
- Question 109: The Chief information Officer (CIO) asks the system administ...
- Question 110: An organization is moving its intellectual property data fro...
- Question 111: Signed applications reduce risks by:...
- Question 112: An organization established an agreement with a partner comp...
- Question 113: A company is deploying multiple VPNs to support supplier con...
- Question 114: An organization's hunt team thinks a persistent threats exis...
- Question 115: A security consultant has been asked to recommend a secure n...
- Question 116: A company's product site recently had failed API calls, resu...
- Question 117: A business stores personal client data of individuals residi...
- Question 118: An organization is designing a network architecture that mus...
- Question 119: A user forwarded a suspicious email to a security analyst fo...
- Question 120: A SOC analyst received an alert about a potential compromise...
- Question 121: A company recently deployed new servers to create an additio...
- Question 122: A new requirement for legislators has forced a government se...
- Question 123: A security analyst is reviewing the following vulnerability ...
- Question 124: A security engineer is performing a threat modeling procedur...
- Question 125: A pharmaceutical company uses a cloud provider to host thous...
- Question 126: A company Invested a total of $10 million lor a new storage ...
- Question 127: A company recently acquired a SaaS provider and needs to int...
- Question 128: A security architect examines a section of code and discover...
- Question 129: Some end users of an e-commerce website are reporting a dela...
- Question 130: As part of the customer registration process to access a new...
- Question 131: A company has a website with a huge database. The company wa...
- Question 132: An accounting team member received a voicemail message from ...
- Question 133: A software company wants to build a platform by integrating ...
- Question 134: A company requires a task to be carried by more than one per...
- Question 135: A security administrator is trying to securely provide publi...
- Question 136: A company's Chief Information Security Officer is concerned ...
- Question 137: An administrator at a software development company would lik...
- Question 138: A company's Chief Information Officer wants to Implement IDS...
- Question 139: The Chief information Officer (CIO) wants to implement enter...
- Question 140: In order to authenticate employees who, call in remotely, a ...
- Question 141: A security engineer needs to recommend a solution that will ...
- Question 142: During a review of events, a security analyst notes that sev...
- Question 143: Which of the following technologies would benefit the most f...
- Question 144: In support of disaster recovery objectives, a third party ag...
- Question 145: A company purchased Burp Suite licenses this year for each a...
- Question 146: A security engineer is re-architecting a network environment...
- Question 147: A security analyst wants to keep track of alt outbound web c...
- Question 148: A security analyst is participating in a risk assessment and...
- Question 149: A company moved its on-premises services to the cloud. Altho...
- Question 150: A cloud security architect has been tasked with selecting th...
- Question 151: The Chief information Security Officer (CISO) of a small loc...
- Question 152: A company's SOC has received threat intelligence about an ac...
- Question 153: A user logged in to a web application. Later, a SOC analyst ...
- Question 154: A security analyst discovered that the company's WAF was not...
- Question 155: An IPSec solution is being deployed. The configuration files...
- Question 156: An IT director is working on a solution to meet the challeng...
- Question 157: A company's claims processed department has a mobile workfor...
- Question 158: A systems administrator is preparing to run a vulnerability ...
- Question 159: Immediately following the report of a potential breach, a se...
- Question 160: A Chief Information Security Officer is concerned about the ...
- Question 161: A company in the financial sector receives a substantial num...
- Question 162: The security analyst discovers a new device on the company's...
- Question 163: A security analyst has been tasked with providing key inform...
- Question 164: A security is assisting the marketing department with ensuri...
- Question 165: Which of the following should an organization implement to p...
- Question 166: A security analyst receives an alert from the SIEM regarding...
- Question 167: Which of the following processes involves searching and coll...
- Question 168: A company has a BYOD policy and has configured remote-wiping...
- Question 169: An organization decided to begin issuing corporate mobile de...
- Question 170: A security engineer at a company is designing a system to mi...
- Question 171: A security architect is tasked with scoping a penetration te...
- Question 172: An organization is preparing to migrate its production envir...
- Question 173: A company Is adopting a new artificial-intelligence-based an...
- Question 174: A security manager wants to transition the organization to a...
- Question 175: A hospital has fallen behind with patching known vulnerabili...
- Question 176: A system administrator at a medical imaging company discover...
- Question 177: A security architect Is analyzing an old application that is...
- Question 178: A user from the sales department opened a suspicious file at...
- Question 179: In preparation for the holiday season, a company redesigned ...
- Question 180: A security analyst is investigating a possible buffer overfl...
- Question 181: A developer wants to develop a secure external-facing web ap...
- Question 182: A Chief Security Officer (CSO) is concerned about the number...
- Question 183: A security architect updated the security policy to require ...
- Question 184: A company wants to quantify and communicate the effectivenes...
- Question 185: During a remodel, a company's computer equipment was moved t...
- Question 186: A security consultant needs to set up wireless security for ...
- Question 187: A technician is reviewing the logs and notices a large numbe...
- Question 188: A software development company needs to mitigate third-party...
- Question 189: An organization mat provides a SaaS solution recently experi...
- Question 190: When managing and mitigating SaaS cloud vendor risk, which o...
- Question 191: An organization is in frequent litigation and has a large nu...
- Question 192: A large number of emails have been reported, and a security ...
- Question 193: Clients are reporting slowness when attempting to access a s...
- Question 194: An attack team performed a penetration test on a new smart c...
- Question 195: (Exhibit) An organization is planning for disaster recovery ...
- Question 196: After the latest risk assessment, the Chief Information Secu...
- Question 197: In a shared responsibility model for PaaS, which of the foll...
- Question 198: An organization recently experienced a ransomware attack. Th...
- Question 199: A cyberanalyst has been tasked with recovering PDF files fro...
- Question 200: A software development company is building a new mobile appl...
- Question 201: A bank hired a security architect to improve its security me...
- Question 202: A municipal department receives telemetry data from a third-...
- Question 203: A security architect is given the following requirements to ...
- Question 204: Company A acquired Company B. During an initial assessment, ...
- Question 205: A managed security provider (MSP) is engaging with a custome...
- Question 206: A network architect is designing a new SD-WAN architecture t...
- Question 207: A security engineer estimates the company's popular web appl...
- Question 208: A security architect for a large, multinational manufacturer...
- Question 209: A security manager is creating a standard configuration acro...
- Question 210: A network administrator receives a ticket regarding an error...
- Question 211: A company is looking for a solution to hide data stored in d...
- Question 212: A Chief information Security Officer (CISO) is developing co...
- Question 213: An administrator at a software development company would lik...
- Question 214: Which of the following allows computation and analysis of da...
- Question 215: Based on a recent security audit, a company discovered the p...
- Question 216: To save time, a company that is developing a new VPN solutio...
- Question 217: The Chief information Officer (CIO) of a large bank, which u...
- Question 218: Due to locality and budget constraints, an organization's sa...
- Question 219: After a cybersecurity incident, a judge found that a company...
- Question 220: A pharmaceutical company recently experienced a security bre...
- Question 221: The information security manager at a 24-hour manufacturing ...
- Question 222: Which of the following should be established when configurin...
- Question 223: A significant weather event caused all systems to fail over ...
- Question 224: city government's IT director was notified by the City counc...
- Question 225: A company has moved its sensitive workloads lo the cloud and...
- Question 226: Which of the following provides the best solution for organi...
- Question 227: A security administrator needs to implement a security solut...
- Question 228: Which of the following is a security concern for DNP3?...
- Question 229: A company reviews the regulatory requirements associated wit...
- Question 230: An attacker infiltrated the code base of a hardware manufact...
- Question 231: A recent security assessment generated a recommendation to t...
- Question 232: Which of the following is the BEST disaster recovery solutio...
- Question 233: An investigator is attempting to determine if recent data br...
- Question 234: Which of the following is required for an organization to me...
- Question 235: An ASIC manufacturer wishing to best reduce downstream suppl...
- Question 236: A cloud security architect has been tasked with finding a so...
- Question 237: Company A is establishing a contractual with Company B. The ...
- Question 238: A company is migrating from company-owned phones to a BYOD s...
- Question 239: A major broadcasting company that requires continuous availa...
- Question 240: Which of the following testing plans is used to discuss disa...
- Question 241: A security administrator has been provided with three separa...
- Question 242: An organization wants to implement an access control system ...
- Question 243: A company has a website with a huge database. The company wa...
- Question 244: Which of the following security features do email signatures...
- Question 245: A networking team asked a security administrator to enable F...
