CAS-005更新された試験問題集で[2025年最新] 練習有効な試験問題集 [Q135-Q158]

Share

CAS-005更新された試験問題集で[2025年最新] 練習有効な試験問題集

CAS-005サンプルには正確で更新された問題


CompTIA CAS-005 認定試験の出題範囲:

トピック出題範囲
トピック 1
  • Security Architecture: This domain focuses on analyzing requirements to design resilient systems, including the configuration of firewalls and intrusion detection systems.
トピック 2
  • Governance, Risk, and Compliance: This section of the exam measures the skills of CompTIA security architects that cover the implementation of governance components based on organizational security requirements, including developing policies, procedures, and standards. Candidates will learn about managing security programs, including awareness training on phishing and social engineering.
トピック 3
  • Security Engineering: This section measures the skills of CompTIA security architects that involve troubleshooting common issues related to identity and access management (IAM) components within an enterprise environment. Candidates will analyze requirements to enhance endpoint and server security while implementing hardware security technologies. This domain also emphasizes the importance of advanced cryptographic concepts in securing systems.
トピック 4
  • Security Operations: This domain is designed for CompTIA security architects and covers analyzing data to support monitoring and response activities, as well as assessing vulnerabilities and recommending solutions to reduce attack surfaces. Candidates will apply threat-hunting techniques and utilize threat intelligence concepts to enhance operational security.

 

質問 # 135
A company needs to increase the maturity level for the cybersecurity department's governance structure.
To achieve this goal, the company wants to implement a set of controls that can be used as part of the standard operational procedures and policies within the department and the company.
Which of the following frameworks best aligns with this goal?

  • A. CIS
  • B. COSO
  • C. ITIL
  • D. COBIT

正解:D


質問 # 136
A security analyst wants to use lessons learned from a poor incident response to reduce dwell lime in the future The analyst is using the following data points

Which of the following would the analyst most likely recommend?

  • A. Adjusting the SIEM to alert on attempts to visit phishing sites
  • B. Enabling alerting on all suspicious administrator behavior
  • C. Allowing TRACE method traffic to enable better log correlation
  • D. utilizing allow lists on the WAF for all users using GFT methods

正解:B

解説:
In the context of improving incident response and reducing dwell time, the security analyst needs to focus on proactive measures that can quickly detect and alert on potential security breaches. Here's a detailed analysis of the options provided:
A: Adjusting the SIEM to alert on attempts to visit phishing sites: While this is a useful measure to prevent phishing attacks, it primarily addresses external threats and doesn't directly impact dwell time reduction, which focuses on the time a threat remains undetected within a network.
B: Allowing TRACE method traffic to enable better log correlation: The TRACE method in HTTP is used for debugging purposes, but enabling it can introduce security vulnerabilities. It's not typically recommended for enhancing security monitoring or incident response.
C: Enabling alerting on all suspicious administrator behavior: This option directly targets the potential misuse of administrator accounts, which are often high-value targets for attackers. By monitoring and alerting on suspicious activities from admin accounts, the organization can quickly identify and respond to potential breaches, thereby reducing dwell time significantly. Suspicious behavior could include unusual login times, access to sensitive data not usually accessed by the admin, or any deviation from normal behavior patterns.
This proactive monitoring is crucial for quick detection and response, aligning well with best practices in incident response.
D: Utilizing allow lists on the WAF for all users using GET methods: This measure is aimed at restricting access based on allowed lists, which can be effective in preventing unauthorized access but doesn't specifically address the need for quick detection and response to internal threats.
References:
* CompTIA SecurityX Study Guide: Emphasizes the importance of monitoring and alerting on admin activities as part of a robust incident response plan.
* NIST Special Publication 800-61 Revision 2, "Computer Security Incident Handling Guide": Highlights best practices for incident response, including the importance of detecting and responding to suspicious activities quickly.
* "Incident Response & Computer Forensics" by Jason T. Luttgens, Matthew Pepe, and Kevin Mandia:
Discusses techniques for reducing dwell time through effective monitoring and alerting mechanisms, particularly focusing on privileged account activities.
By focusing on enabling alerting for suspicious administrator behavior, the security analyst addresses a critical area that can help reduce the time a threat goes undetected, thereby improving the overall security posture of the organization.
Top of Form
Bottom of Form


質問 # 137
A security analyst received a report that an internal web page is down after a company-wide update to the web browser Given the following error message:

Which of the following is the best way to fix this issue?

  • A. Blocking all non-essential pons
  • B. Rewriting any legacy web functions
  • C. Discontinuing the use of self-signed certificates
  • D. Disabling all deprecated ciphers

正解:C

解説:
The error message "NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM" indicates that the web browser is rejecting the certificate because it uses a weak signature algorithm. This commonly happens with self-signed certificates, which often use outdated or insecure algorithms.
Why Discontinue Self-Signed Certificates?
* Security Compliance: Modern browsers enforce strict security standards and may reject certificates that do not comply with these standards.
* Trusted Certificates: Using certificates from a trusted Certificate Authority (CA) ensures compliance with security standards and is less likely to be flagged as insecure.
* Weak Signature Algorithm: Self-signed certificates might use weak algorithms like MD5 or SHA-1, which are considered insecure.
Other options do not address the specific cause of the certificate error:
* A. Rewriting legacy web functions: Does not address the certificate issue.
* B. Disabling deprecated ciphers: Useful for improving security but not related to the certificate error.
* C. Blocking non-essential ports: This is unrelated to the issue of certificate validation.
References:
* CompTIA SecurityX Study Guide
* "Managing SSL/TLS Certificates," OWASP
* "Best Practices for Certificate Management," NIST Special Publication 800-57


質問 # 138
A company implemented a NIDS and a NIPS on the most critical environments. Since this implementation, the company has been experiencing network connectivity issues. Which of the following should the security architect recommend for a new NIDS/NIPS implementation?

  • A. Implementing the NIDS with a port mirror in the core switch and the NIPS in the main firewall
  • B. Implementing the NIDS and the NIPS together with the main firewall
  • C. Implementing a NIDS without a NIPS to increase the detection capability
  • D. Implementing the NIDS in the bastion host and the NIPS in the branch network router

正解:A


質問 # 139
A systems administrator wants to introduce a newly released feature for an internal application.
The administrate docs not want to test the feature in the production environment. Which of the following locations is the best place to test the new feature?

  • A. Development environment
  • B. CI/CO pipeline
  • C. Staging environment
  • D. Testing environment

正解:C

解説:
The best location to test a newly released feature for an internal application, without affecting the production environment, is the staging environment.
Staging Environment: This environment closely mirrors the production environment in terms of hardware, software, configurations, and settings. It serves as a final testing ground before deploying changes to production. Testing in the staging environment ensures that the new feature will behave as expected in the actual production setup.
Isolation from Production: The staging environment is isolated from production, which means any issues arising from the new feature will not impact the live users or the integrity of the production data. This aligns with best practices in change management and risk mitigation.
Realistic Testing: Since the staging environment replicates the production environment, it provides realistic testing conditions. This helps in identifying potential issues that might not be apparent in a development or testing environment, which often have different configurations and workloads.


質問 # 140
A company wants to use loT devices to manage and monitor thermostats at all facilities. The thermostats must receive vendor security updates and limit access to other devices within the organization. Which of the following best addresses the company's requirements?

  • A. Only allowing Internet access to a set of specific domains
  • B. Operating lot devices on a separate network with no access to other devices internally
  • C. Configuring IoT devices to always allow automatic updates
  • D. Only allowing operation for loT devices during a specified time window

正解:B

解説:
The best approach for managing and monitoring IoT devices, such as thermostats, is to operate them on a separate network with no access to other internal devices. This segmentation ensures that the IoT devices are isolated from the main network, reducing the risk of potential security breaches affecting other critical systems. Additionally, this setup allows for secure vendor updates without exposing the broader network to potential vulnerabilities inherent in IoT devices.


質問 # 141
An audit finding reveals that a legacy platform has not retained loos for more than 30 days The platform has been segmented due to its interoperability with newer technology. As a temporary solution, the IT department changed the log retention to 120 days. Which of the following should the security engineer do to ensure the logs are being properly retained?

  • A. Configure a scheduled task nightly to save the logs
  • B. Configure a Python script to move the logs into a SQL database.
  • C. Configure event-based triggers to export the logs at a threshold.
  • D. Configure the SIEM to aggregate the logs

正解:D

解説:
To ensure that logs from a legacy platform are properly retained beyond the default retention period, configuring the SIEM to aggregate the logs is the best approach. SIEM solutions are designed to collect, aggregate, and store logs from various sources, providing centralized log management and retention. This setup ensures that logs are retained according to policy and can be easily accessed for analysis and compliance purposes.
References:
* CompTIA SecurityX Study Guide: Discusses the role of SIEM in log management and retention.
* NIST Special Publication 800-92, "Guide to Computer Security Log Management": Recommends the use of centralized log management solutions, such as SIEM, for effective log retention and analysis.
* "Security Information and Event Management (SIEM) Implementation" by David Miller: Covers best practices for configuring SIEM systems to aggregate and retain logs from various sources.


質問 # 142
A security analyst reviews the following report:

Which of the following assessments is the analyst performing?

  • A. Supply chain
  • B. Organizational
  • C. Quantitative
  • D. System

正解:A

解説:
The table shows detailed information about products, including location, chassis manufacturer, OS, application developer, and vendor. This type of information is typically assessed in a supply chain assessment to evaluate the security and reliability of components and services from different suppliers.
Why Supply Chain Assessment?
* Component Evaluation: Assessing the origin and security of each component used in the products, including hardware, software, and third-party services.
* Vendor Reliability: Evaluating the security practices and reliability of vendors involved in providing components or services.
* Risk Management: Identifying potential risks associated with the supply chain, such as vulnerabilities in third-party components or insecure development practices.
Other types of assessments do not align with the detailed supplier and component information provided:
* A. System: Focuses on individual system security, not the broader supply chain.
* C. Quantitative: Focuses on numerical risk assessments, not supplier information.
* D. Organizational: Focuses on internal organizational practices, not external suppliers.
References:
* CompTIA SecurityX Study Guide
* NIST Special Publication 800-161, "Supply Chain Risk Management Practices for Federal Information Systems and Organizations"
* "Supply Chain Security Best Practices," Gartner Research


質問 # 143
An organization recently acquired another company that is running a different EDR solution. A SOC analyst wants to automate the isolation of endpoints that are found to be compromised.
Which of the following workflows best mitigates the risk of false positives and reduces the spread of malicious code?

  • A. Using a SOAR solution to look up entities via a TIP platform and isolate endpoints via APIs
  • B. Reviewing all alerts manually in the various portals and taking action to isolate them
  • C. Setting a policy on each EDR management console to isolate all endpoints that trigger any alerts
  • D. Automating the suppression of all alerts that are not critical and sending an email asking SOC analysts to review these alerts

正解:A


質問 # 144
A financial technology firm works collaboratively with business partners in the industry to share threat intelligence within a central platform. This collaboration gives partner organizations the ability to obtain and share data associated with emerging threats from a variety of adversaries.
Which of the following should the organization most likely leverage to facilitate this activity?
(Choose two.)

  • A. YAKA
  • B. ATTACK
  • C. JTAG
  • D. CWPP
  • E. TAXII
  • F. STIX

正解:E、F

解説:
STIX (Structured Threat Information eXpression): STIX is a standardized language for representing threat information in a structured and machine-readable format. It facilitates the sharing of threat intelligence by ensuring that data is consistent and can be easily understood by all parties involved.
TAXII (Trusted Automated eXchange of Indicator Information): TAXII is a transport mechanism that enables the sharing of cyber threat information over a secure and trusted network. It works in conjunction with STIX to automate the exchange of threat intelligence among organizations.


質問 # 145
Which of the following best explains the importance of determining organization risk appetite when operating with a constrained budget?

  • A. Budgetary pressure drives risk mitigation planning in all companies
  • B. Organizational risk appetite varies from organization to organization
  • C. Risk appetite directly impacts acceptance of high-impact low-likelihood events.
  • D. Risk appetite directly influences which breaches are disclosed publicly

正解:C

解説:
Risk appetite is the amount of risk an organization is willing to accept to achieve its objectives.
When operating with a constrained budget, understanding the organization's risk appetite is crucial because:
It helps prioritize security investments based on the level of risk the organization is willing to tolerate.
High-impact, low-likelihood events may be deemed acceptable if they fall within the organization's risk appetite, allowing for budget allocation to other critical areas. Properly understanding and defining risk appetite ensures that limited resources are used effectively to manage risks that align with the organization's strategic goals.


質問 # 146
A security analyst wants to use lessons learned from a prior incident response to reduce dwell time in the future. The analyst is using the following data points:

Which of the following would the analyst most likely recommend?

  • A. Adjusting the SIEM to alert on attempts to visit phishing sites
  • B. Enabling alerting on all suspicious administrator behavior
  • C. Allowing TRACE method traffic to enable better log correlation
  • D. utilizing allow lists on the WAF for all users using GFT methods

正解:B

解説:
In the context of improving incident response and reducing dwell time, the security analyst needs to focus on proactive measures that can quickly detect and alert on potential security breaches.
Enabling alerting on all suspicious administrator behavior: This option directly targets the potential misuse of administrator accounts, which are often high-value targets for attackers. By monitoring and alerting on suspicious activities from admin accounts, the organization can quickly identify and respond to potential breaches, thereby reducing dwell time significantly. Suspicious behavior could include unusual login times, access to sensitive data not usually accessed by the admin, or any deviation from normal behavior patterns. This proactive monitoring is crucial for quick detection and response, aligning well with best practices in incident response.


質問 # 147
A hospital's requirements for remote third-party monitoring of the HVAC system include the following:
- The vendor must be able to continuously monitor system health and
respond accordingly.
- The vendor must only have network access to the HVAC system.
- The vendor must be the only entity with access to the HVAC system.
Which of the following best meets the hospital's requirements?

  • A. Creating a site-to-site VPN tunnel and allowing restricted access to the system
  • B. Implementing a reverse web proxy and allowing access from the internet
  • C. Installing the vendor's monitoring appliance on the internal network and allowing outbound SSL connectivity
  • D. Deploying a RDP jump box to allow remote system monitoring

正解:A


質問 # 148
During a recent audit, a company's systems were assessed. Given the following information:

Which of the following is the best way to reduce the attack surface?

  • A. Segmenting the manufacturing network with a firewall and placing the rules in monitor mode
  • B. Setting up an IDS inline to monitor and detect any threats to the software
  • C. Deploying an EDR solution to all impacted machines in manufacturing
  • D. Implementing an application-aware firewall and writing strict rules for the application access

正解:C


質問 # 149
Audit findings indicate several user endpoints are not utilizing full disk encryption During me remediation process, a compliance analyst reviews the testing details for the endpoints and notes the endpoint device configuration does not support full disk encryption Which of the following is the most likely reason me device must be replaced'

  • A. The motherboard was not configured with a TPM from the OEM supplier.
  • B. The vTPM was not properly initialized and is corrupt.
  • C. The HSM does not support sealing storage
  • D. The HSM is outdated and no longer supported by the manufacturer
  • E. The HSM is vulnerable to common exploits and a firmware upgrade is needed

正解:A

解説:
The most likely reason the device must be replaced is that the motherboard was not configured with a TPM (Trusted Platform Module) from the OEM (Original Equipment Manufacturer) supplier.
Why TPM is Necessary for Full Disk Encryption:
* Hardware-Based Security: TPM provides a hardware-based mechanism to store encryption keys securely, which is essential for full disk encryption.
* Compatibility: Full disk encryption solutions, such as BitLocker, require TPM to ensure that the encryption keys are securely stored and managed.
* Integrity Checks: TPM enables system integrity checks during boot, ensuring that the device has not been tampered with.
Other options do not directly address the requirement for TPM in supporting full disk encryption:
* A. The HSM is outdated: While HSM (Hardware Security Module) is important for security, it is not typically used for full disk encryption.
* B. The vTPM was not properly initialized: vTPM (virtual TPM) is less common and not typically a reason for requiring hardware replacement.
* C. The HSM is vulnerable to common exploits: This would require a firmware upgrade, not replacement of the device.
* E. The HSM does not support sealing storage: Sealing storage is relevant but not the primary reason for requiring TPM for full disk encryption.
References:
* CompTIA SecurityX Study Guide
* "Trusted Platform Module (TPM) Overview," Microsoft Documentation
* "BitLocker Deployment Guide," Microsoft Documentation


質問 # 150
A security analyst needs to ensure email domains that send phishing attempts without previous communications are not delivered to mailboxes The following email headers are being reviewed

Which of the following is the best action for the security analyst to take?

  • A. Block messages from hr-saas.com because it is not a recognized domain.
  • B. Quarantine all messages with sales-mail.com in the email header
  • C. Block vendor com for repeated attempts to send suspicious messages
  • D. Reroute all messages with unusual security warning notices to the IT administrator

正解:C

解説:
In reviewing email headers and determining actions to mitigate phishing attempts, the security analyst should focus on patterns of suspicious behavior and the reputation of the sending domains. Here's the analysis of the options provided:
A; Block messages from hr-saas.com because it is not a recognized domain: Blocking a domain solely because it is not recognized can lead to legitimate emails being missed. Recognition alone should not be the criterion for blocking.
B: Reroute all messages with unusual security warning notices to the IT administrator: While rerouting suspicious messages can be a good practice, it is not specific to the domain sending repeated suspicious messages.
C: Quarantine all messages with sales-mail.com in the email header: Quarantining messages based on the presence of a specific domain in the email header can be too broad and may capture legitimate emails.
D: Block vendor com for repeated attempts to send suspicious messages: This option is the most appropriate because it targets a domain that has shown a pattern of sending suspicious messages. Blocking a domain that repeatedly sends phishing attempts without previous communications helps in preventing future attempts from the same source and aligns with the goal of mitigating phishing risks.
References:
* CompTIA SecurityX Study Guide: Details best practices for handling phishing attempts, including blocking domains with repeated suspicious activity.
* NIST Special Publication 800-45 Version 2, "Guidelines on Electronic Mail Security": Provides guidelines on email security, including the management of suspicious email domains.
* "Phishing and Countermeasures: Understanding the Increasing Problem of Electronic Identity Theft" by Markus Jakobsson and Steven Myers: Discusses effective measures to counter phishing attempts, including blocking persistent offenders.
By blocking the domain that has consistently attempted to send suspicious messages, the security analyst can effectively reduce the risk of phishing attacks.


質問 # 151

Which of the following is the security engineer most likely doing?

  • A. Reporting on remote log-in activities to track team metrics
  • B. Assessing log in activities using geolocation to tune impossible Travel rate alerts
  • C. Baselining user behavior to support advanced analytics
  • D. Threat hunting for suspicious activity from an insider threat

正解:B

解説:
In the given scenario, the security engineer is likely examining login activities and their associated geolocations. This type of analysis is aimed at identifying unusual login patterns that might indicate an impossible travel scenario. An impossible travel scenario is when a single user account logs in from geographically distant locations in a short time, which is physically impossible. By assessing login activities using geolocation, the engineer can tune alerts to identify and respond to potential security breaches more effectively.


質問 # 152
A security architect is establishing requirements to design resilience in un enterprise system trial will be extended to other physical locations. The system must:
- Be survivable to one environmental catastrophe
- Re recoverable within 24 hours of critical loss of availability
- Be resilient to active exploitation of one site-to-site VPN solution

  • A. Employ layering of routers from diverse vendors
  • B. Load-balance connection attempts and data Ingress at internet gateways
  • C. Implement full weekly backups to be stored off-site for each of the company's sites
  • D. Allocate fully redundant and geographically distributed standby sites.
  • E. Use orchestration to procure, provision, and transfer application workloads lo cloud services
  • F. Lease space to establish cold sites throughout other countries

正解:D

解説:
To design resilience in an enterprise system that can survive environmental catastrophes, recover within 24 hours, and be resilient to active exploitation, the best strategy is to allocate fully redundant and geographically distributed standby sites.
Geographical Redundancy: Having geographically distributed standby sites ensures that if one site is affected by an environmental catastrophe, the other sites can take over, providing continuity of operations.
Full Redundancy: Fully redundant sites mean that all critical systems and data are replicated, enabling quick recovery in the event of a critical loss of availability.
Resilience to Exploitation: Distributing resources across multiple sites reduces the risk of a single point of failure and increases resilience against targeted attacks.


質問 # 153
A nation-state actor is exposed for attacking large corporations by establishing persistence in smaller companies that are likely to be acquired by these large corporations. The actor then provisions user accounts in the companies for use post-acquisition. Before an upcoming acquisition, a security officer conducts threat modeling with this attack vector. Which of the following practices is the best way to investigate this threat?

  • A. Restricting internet traffic originating from countries in which the nation-state actor is known to operate
  • B. Auditing vendors to mitigate supply chain risk during the acquisition
  • C. Comparing all existing credentials to personnel and services
  • D. Placing a hold on all information about corporate interest in acquisitions

正解:C


質問 # 154
Company A and Company D ate merging Company A's compliance reports indicate branch protections are not in place A security analyst needs to ensure that potential threats to the software development life cycle are addressed. Which of the following should me analyst cons<der when completing this basic?

  • A. If DAST code is being stored to a single code repository
  • B. If developers are unable to promote to production
  • C. If DAST scans are routinely scheduled
  • D. If role-based training is deployed

正解:C

解説:
Dynamic Application Security Testing (DAST) is crucial for identifying and addressing security vulnerabilities during the software development life cycle (SDLC). Ensuring that DAST scans are routinely scheduled helps in maintaining a secure development process.
Why Routine DAST Scans?
* Continuous Security Assessment: Regular DAST scans help in identifying vulnerabilities in real-time, ensuring they are addressed promptly.
* Compliance: Routine scans ensure that the development process complies with security standards and regulations.
* Proactive Threat Mitigation: Regular scans help in early detection and mitigation of potential security threats, reducing the risk of breaches.
* Integration into SDLC: Ensures security is embedded within the development process, promoting a security-first approach.
Other options, while relevant, do not directly address the continuous assessment and proactive identification of threats:
* A. If developers are unable to promote to production: This is more of an operational issue than a security assessment.
* B. If DAST code is being stored to a single code repository: This concerns code management rather than security testing frequency.
* D. If role-based training is deployed: While important, training alone does not ensure continuous security assessment.
References:
* CompTIA SecurityX Study Guide
* OWASP Testing Guide
* NIST Special Publication 800-53, "Security and Privacy Controls for Information Systems and Organizations"


質問 # 155
Recent repents indicate that a software tool is being exploited. Attackers were able to bypass user access controls and load a database. A security analyst needs to find the vulnerability and recommend a mitigation. The analyst generates the following output:

Which of the following would the analyst most likely recommend?

  • A. Removing hard coded credentials from the source code
  • B. Installing appropriate EDR tools to block pass-the-hash attempts
  • C. Not allowing users to change their local passwords
  • D. Adding additional time to software development to perform fuzz testing

正解:A

解説:
The output indicates that the software tool contains hard-coded credentials, which attackers can exploit to bypass user access controls and load the database. The most likely recommendation is to remove hard-coded credentials from the source code.
Security Best Practices: Hard-coded credentials are a significant security risk because they can be easily discovered through reverse engineering or simple inspection of the code. Removing them reduces the risk of unauthorized access.
Credential Management: Credentials should be managed securely using environment variables, secure vaults, or configuration management tools that provide encryption and access controls.
Mitigation of Exploits: By eliminating hard-coded credentials, the organization can prevent attackers from easily bypassing authentication mechanisms and gaining unauthorized access to sensitive systems.


質問 # 156
Which of the following best explains the business requirement a healthcare provider fulfills by encrypting patient data at rest?

  • A. Securing data transfer between hospitals
  • B. Protecting privacy while supporting portability.
  • C. Reducing liability from identity theft
  • D. Providing for non-repudiation data

正解:B

解説:
Encrypting patient data at rest is a critical requirement for healthcare providers to ensure compliance with regulations such as the Health Insurance Portability and Accountability Act (HIPAA). The primary business requirement fulfilled by this practice is the protection of patient privacy while supporting the portability of medical information. By encrypting data at rest, healthcare providers safeguard sensitive patient information from unauthorized access, ensuring that privacy is maintained even if the storage media are compromised. Additionally, encryption supports the portability of patient records, allowing for secure transfer and access across different systems and locations while ensuring that privacy controls are in place.


質問 # 157
An organization is developing on Al-enabled digital worker to help employees complete common tasks such as template development, editing, research, and scheduling. As part of the Al workload the organization wants to Implement guardrails within the platform. Which of the following should the company do to secure the Al environment?

  • A. Limn the platform's abilities to only non-sensitive functions
  • B. Enhance the training model's effectiveness.
  • C. Require end-user acknowledgement of organizational policies.
  • D. Grant the system the ability to self-govern

正解:A

解説:
Limiting the platform's abilities to only non-sensitive functions helps to mitigate risks associated with AI operations. By ensuring that the AI-enabled digital worker is only allowed to perform tasks that do not involve sensitive or critical data, the organization reduces the potential impact of any security breaches or misuse.
Enhancing the training model's effectiveness (Option B) is important but does not directly address security guardrails. Granting the system the ability to self-govern (Option C) could increase risk as it may act beyond the organization's control. Requiring end-user acknowledgement of organizational policies (Option D) is a good practice but does not implement technical guardrails to secure the AI environment.
References:
* CompTIA Security+ Study Guide
* NIST SP 800-53 Rev. 5, "Security and Privacy Controls for Information Systems and Organizations"
* ISO/IEC 27001, "Information Security Management"


質問 # 158
......

合格させるCompTIA CAS-005プレミアムお試しセットテストエンジンPDFで無料問題集セット:https://jp.fast2test.com/CAS-005-premium-file.html

CAS-005試験情報と無料練習テスト:https://drive.google.com/open?id=1YdrDI0qdbomTtf5TiblD4IAo0doMkkzk


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어