Valid CAS-005 Dumps shared by ExamDiscuss.com for Helping Passing CAS-005 Exam! ExamDiscuss.com now offer the newest CAS-005 exam dumps, the ExamDiscuss.com CAS-005 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com CAS-005 dumps with Test Engine here:
Access CAS-005 Dumps Premium Version
(250 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 52/65
An audit finding reveals that a legacy platform has not retained loos for more than 30 days The platform has been segmented due to its interoperability with newer technology. As a temporary solution, the IT department changed the log retention to 120 days. Which of the following should the security engineer do to ensure the logs are being properly retained?
Correct Answer: C
To ensure that logs from a legacy platform are properly retained beyond the default retention period, configuring the SIEM to aggregate the logs is the best approach. SIEM solutions are designed to collect, aggregate, and store logs from various sources, providing centralized log management and retention. This setup ensures that logs are retained according to policy and can be easily accessed for analysis and compliance purposes.
Reference:
CompTIA SecurityX Study Guide: Discusses the role of SIEM in log management and retention.
NIST Special Publication 800-92, "Guide to Computer Security Log Management": Recommends the use of centralized log management solutions, such as SIEM, for effective log retention and analysis.
"Security Information and Event Management (SIEM) Implementation" by David Miller: Covers best practices for configuring SIEM systems to aggregate and retain logs from various sources.
Reference:
CompTIA SecurityX Study Guide: Discusses the role of SIEM in log management and retention.
NIST Special Publication 800-92, "Guide to Computer Security Log Management": Recommends the use of centralized log management solutions, such as SIEM, for effective log retention and analysis.
"Security Information and Event Management (SIEM) Implementation" by David Miller: Covers best practices for configuring SIEM systems to aggregate and retain logs from various sources.
- Question List (65q)
- Question 1: A news organization wants to implement workflows that allow ...
- Question 2: The security team is looking into aggressive bot behavior th...
- Question 3: SIMULATION A product development team has submitted code sni...
- Question 4: A software company deployed a new application based on its i...
- Question 5: A security professional is investigating a trend in vulnerab...
- Question 6: An organization is developing on Al-enabled digital worker t...
- Question 7: A company wants to install a three-tier approach to separate...
- Question 8: A developer makes a small change to a resource allocation mo...
- Question 9: Third parties notified a company's security team about vulne...
- Question 10: Within a SCADA a business needs access to the historian serv...
- Question 11: Emails that the marketing department is sending to customers...
- Question 12: A developer needs to improve the cryptographic strength of a...
- Question 13: A security analyst received a notification from a cloud serv...
- Question 14: A central bank implements strict risk mitigations for the ha...
- Question 15: A company hosts a platform-as-a-service solution with a web-...
- Question 16: A systems administrator wants to use existing resources to a...
- Question 17: A security engineer is developing a solution to meet the fol...
- Question 18: A company is developing a new service product offering that ...
- Question 19: Company A acquired Company B and needs to determine how the ...
- Question 20: All organization is concerned about insider threats from emp...
- Question 21: A security engineer needs 10 secure the OT environment based...
- Question 22: SIMULATION An IPSec solution is being deployed. The configur...
- Question 23: A security engineer performed a code scan that resulted in m...
- Question 24: A company that relies on an COL system must keep it operatin...
- Question 25: An organization found a significant vulnerability associated...
- Question 26: SIMULATION A security engineer needs to review the configura...
- Question 27: The material finding from a recent compliance audit indicate...
- Question 28: A company is having issues with its vulnerability management...
- Question 29: A user reports application access issues to the help desk. T...
- Question 30: A software engineer is creating a CI/CD pipeline to support ...
- Question 31: A security analyst is reviewing the following authentication...
- Question 32: A security engineer wants to stay up-to-date on new detectio...
- Question 33: Company A and Company D ate merging Company A's compliance r...
- Question 34: An organization wants to implement a platform to better iden...
- Question 35: A network engineer must ensure that always-on VPN access is ...
- Question 36: A company receives reports about misconfigurations and vulne...
- Question 37: A security team is responding to malicious activity and need...
- Question 38: A security analyst is reviewing suspicious log-in activity a...
- Question 39: Recent repents indicate that a software tool is being exploi...
- Question 40: A security analyst wants to use lessons learned from a poor ...
- Question 41: An endpoint security engineer finds that a newly acquired co...
- Question 42: While reviewing recent modem reports, a security officer dis...
- Question 43: A company wants to use loT devices to manage and monitor the...
- Question 44: A company's help desk is experiencing a large number of call...
- Question 45: The security team is looking into aggressive bot behavior th...
- Question 46: SIMULATION You are tasked with integrating a new B2B client ...
- Question 47: A company's security policy states that any publicly availab...
- Question 48: A company's SICM Is continuously reporting false positives a...
- Question 49: A company detects suspicious activity associated with extern...
- Question 50: During a gap assessment, an organization notes that OYOD usa...
- Question 51: Which of the following AI concerns is most adequately addres...
- Question 52: An audit finding reveals that a legacy platform has not reta...
- Question 53: Which of the following best explains the importance of deter...
- Question 54: An organization is required to * Respond to internal and ext...
- Question 55: A security operations engineer needs to prevent inadvertent ...
- Question 56: After remote desktop capabilities were deployed in the envir...
- Question 57: A systems engineer is configuring a system baseline for serv...
- Question 58: A financial services organization is using Al lo fully autom...
- Question 59: A company wants to invest in research capabilities with the ...
- Question 60: A company recently experienced an incident in which an advan...
- Question 61: A hospital provides tablets to its medical staff to enable t...
- Question 62: A security analyst discovered requests associated with IP ad...
- Question 63: A financial technology firm works collaboratively with busin...
- Question 64: A security officer performs due diligence activities before ...
- Question 65: A company isolated its OT systems from other areas of the co...
