exam questions

Exam CAS-004 All Questions

View all questions & answers for the CAS-004 exam

Exam CAS-004 topic 1 question 23 discussion

Actual exam question from CompTIA's CAS-004
Question #: 23
Topic #: 1
[All CAS-004 Questions]

A university issues badges through a homegrown identity management system to all staff and students. Each week during the summer, temporary summer school students arrive and need to be issued a badge to access minimal campus resources. The security team received a report from an outside auditor indicating the homegrown system is not consistent with best practices in the security field and leaves the institution vulnerable.
Which of the following should the security team recommend FIRST?

  • A. Investigating a potential threat identified in logs related to the identity management system
  • B. Updating the identity management system to use discretionary access control
  • C. Beginning research on two-factor authentication to later introduce into the identity management system
  • D. Working with procurement and creating a requirements document to select a new IAM system/vendor
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
CyberKiy
Highly Voted 5 months, 3 weeks ago
If you receive a report that your application has a vulnerability and there is suspicious activity in your logs then your FIRST step would be to investigate the logs to see if you have already been compromised and deal with that issue. THEN you can move on to other steps.
upvoted 15 times
Nickolos
9 months ago
"The security team received a report from an outside auditor indicating the homegrown system is not consistent with best practices in the security field and leaves the institution vulnerable." where does it say suspicious activity in your logs?
upvoted 2 times
...
Protocol0
2 years, 4 months ago
But it doesn't say "And there is suspicious activity"
upvoted 8 times
BiteSize
1 year, 7 months ago
a report was received.. could be wrong. have to verify
upvoted 4 times
Twisty
1 month, 4 weeks ago
Ultimately, I think the key phrase here is "and leaves the institution vulnerable". Vulnerabilities can lead to potential threats. It couldn't be B. because issuing badges is already a form of discretionary access control C. just doesn't make sense. The question wants to know which you would do FIRST. Based off the wording, any solution that would introduced later does not fall in line with FIRST. While D. could work, and I do see the merits in selecting this option, the primary issue is that this solution can take a long time until it is fully implemented. All the while, leaving the aforementioned vulnerability exposed.
upvoted 1 times
...
...
...
...
kycugu
Highly Voted 5 months, 3 weeks ago
D. Working with procurement and creating a requirements document to select a new IAM system/vendor If the security team at a university has received a report from an outside auditor indicating that the institution's homegrown identity management system is not consistent with best practices and leaves the institution vulnerable, the team should consider replacing the system with a more secure and robust solution. To do this, the security team should work with procurement to create a requirements document that outlines the necessary capabilities and features of a new identity and access management (IAM) system or vendor. This may include researching and evaluating potential solutions, testing and piloting new systems, and negotiating contracts with vendors.
upvoted 12 times
...
Bright07
Most Recent 1 week ago
Selected Answer: D
D. Working with procurement and creating a requirements document to select a new IAM system/vendor. The auditor has flagged the current system as insecure and not consistent with best practices, which suggests that the underlying issue is the architecture and implementation of the homegrown identity management system. Rather than trying to patch or retrofit the current system, selecting a new, secure IAM system/vendor that follows best practices is likely the most effective first step. By procuring a more secure and scalable solution, the university can address long-term security needs and minimize risk, particularly given the potential exposure of sensitive data and systems. While investigating potential threats is essential for ongoing security, this action does not directly address the systemic issue highlighted by the auditor. The problem appears to be more related to overall design and security best practices, rather than an immediate incident or identified attack. This is important but not the first step.
upvoted 1 times
...
1llustrious
2 weeks, 2 days ago
Selected Answer: D
Only answer that offers a way to mitigate the vulnerability.
upvoted 2 times
...
blacksheep6r
1 month, 1 week ago
Selected Answer: D
Final Answer: ✅ D) Work with procurement and create a requirements document to select a new IAM system/vendor. Key Takeaway: 💡 Instead of trying to patch a fundamentally insecure identity system, the best solution is to replace it with a secure, industry-standard IAM system.
upvoted 2 times
...
Chiaretta
1 month, 2 weeks ago
Selected Answer: D
I think D is the right answer. The problem states the compliancy of IAM security.
upvoted 2 times
...
Drui
5 months, 4 weeks ago
A. Investigating a potential threat identified in logs related to the identity management system-> The external auditor produced a report so if there's logs involved, that's in the report so no reason to do it again B. Updating the identity management system to use discretionary access control->this was given already as temporary students have only access to certain areas, not like permanent students C. Beginning research on two-factor authentication to later introduce into the identity management system->It's a badge, I've never seen MFA in a badge. If they refer to access the identity management system, that's different, but it wasn't mentioned what the report says D. Working with procurement and creating a requirements document to select a new IAM system/vendor -> We don't know what the report says, so given the other answers aren't good to tick, we assume the "not consistent with best practices" is not possible to fix with this vendor, so we have to evaluate other options, however the answer says what to do first, well there's no multiple things to do with the given options...
upvoted 1 times
Drui
5 months, 4 weeks ago
oh, with C, it could be a badge requesting a PIN, that could be, but the report doesn't say there's a vulnerability to remediate, it just says the product itself leaves the university vulnerable
upvoted 1 times
Drui
5 months, 4 weeks ago
Still thinking about this. A states to investigate a threat that was already indentified in the logs, so it's looking at the logs stated in the report and investigate this potential threat leaving the university vulnerable, so perhaps that's why the FIRST keyword, because A should be done before D if it can't be sorted out
upvoted 1 times
Drui
5 months, 4 weeks ago
however.. "not consistent with best practices" =! "potential threat"
upvoted 1 times
...
...
...
...
23169fd
8 months, 1 week ago
Selected Answer: A
Keyword: First D is a long term project, not a solution for immediate response.
upvoted 2 times
...
cyspec
8 months, 2 weeks ago
Selected Answer: D
Keyword is homegrown.
upvoted 3 times
...
tester27
9 months ago
This is a trick question, but if you think of it, they received a report from an auditor, thus, they were not able to see the alerts themselves, so there would be no logs to investigate. I did consider the answer A, but D makes more sense.
upvoted 1 times
...
Bright07
9 months, 2 weeks ago
Answer: D. Working with procurement and creating a requirements document to select a new IAM system/vendor Explanation: The security team should first address the root cause of the problem, which is the homegrown identity management system that is not consistent with best practices in the security field. This leaves the institution vulnerable. Therefore, the first step should be to work with procurement and create a requirements document to select a new Identity and Access Management (IAM) system/vendor. This will ensure that the new system is in line with the best practices in the security field and will reduce the institution's vulnerability. The other options, such as investigating a potential threat, updating the system to use discretionary access control, or researching two-factor authentication, are all important but they are secondary steps that should be taken after addressing the main issue.
upvoted 1 times
...
Nickolos
1 year ago
Audit doesn't identify threats, they issue findings, so not a.
upvoted 2 times
...
Trap_D0_r
1 year, 1 month ago
I initially thought "D", but I've been convinced it's "A"-- when you go to procurement the first question they'll ask is "Why do you need to buy this?" and you'll say "The auditor said there's a potential vulnerability" and they'll say "Well has it ever actually been exploited???" and you'll go "uhh...ummm.. I mean... the auditor just said it's there." and they'll say "That's nice, junior. How about you go tell me what our actual risk level is, or if there's ever been an issue, before daddy gets out his wallet and slips you some cash." Or at least that's what they'll say if you haven't don "A" first.
upvoted 2 times
ElDirec
1 year, 1 month ago
I don't know where you work, but IRL Procurement is not that smart
upvoted 3 times
...
...
Delab202
1 year, 2 months ago
Selected Answer: D
Given the information provided, the FIRST recommendation for the security team should be: D. Working with procurement and creating a requirements document to select a new IAM system/vendor
upvoted 2 times
...
ra774ra7
1 year, 2 months ago
D About A - Who says there are logs??
upvoted 2 times
...
nuel_12
1 year, 3 months ago
Selected Answer: A
A. Investigating a potential threat identified in logs related to the identity management system, as cybersecurity the first thing you do is verify if it is true, then send request to management for approval of budget then to the procurement team.
upvoted 1 times
...
OdinAtlasSteel
1 year, 4 months ago
Selected Answer: D
Given that the outside auditor has reported that the homegrown identity management system is not consistent with best practices and leaves the institution vulnerable, it indicates a fundamental issue with the existing system. In such cases, it's prudent to consider the procurement of a new Identity and Access Management (IAM) system that aligns with industry best practices. Remember that the question does not specify what the problem is, so the only possible answer is D.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago