ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CAS-004 All Questions

View all questions & answers for the CAS-004 exam
Go to Exam

Exam CAS-004 topic 1 question 512 discussion

Actual exam question from CompTIA's CAS-004
Question #: 512
Topic #: 1
[All CAS-004 Questions]

IoCs were missed during a recent security incident due to the reliance on a signature-based detection platform. A security engineer must recommend a solution that can be implemented to address this shortcoming. Which of the following would be the most appropriate recommendation?

  • A. FIM
  • B. SASE
  • C. UEBA
  • D. CSPM
  • E. EAP
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by 23169fd at July 18, 2024, 7:54 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
23169fd
Highly Voted 8 months ago
Selected Answer: C
UEBA focuses on analyzing the behaviors of users and entities within the network to identify anomalies that may indicate security threats. Unlike signature-based detection, which relies on known patterns of malicious activity, UEBA uses machine learning and advanced analytics to detect deviations from normal behavior. This approach can identify new and unknown threats that do not match existing signatures, thus addressing the limitation of missing IoCs that signature-based systems might overlook
upvoted 5 times
...
Steel16
Most Recent 1 week, 2 days ago
Selected Answer: C
o UEBA uses machine learning and behavioral analysis to detect anomalous activity, which can catch previously unknown threats not covered by traditional signature-based rules, making it a more effective solution for identifying advanced attacks that might bypass signature-based systems.
upvoted 1 times
...
HereToStudy
5 months, 3 weeks ago
Selected Answer: C
For reason I put below
upvoted 1 times
...
HereToStudy
5 months, 3 weeks ago
user and entity behaviors to detect anomalies and potential threats that signature-based systems might miss.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago