Which of the following BEST describes where the administrator should look to find information on the attack to determine if a response must be prepared for the systems?

A systems administrator receives an advisory email that a recently discovered exploit is being used in another country and the financial institutions have ceased operations while they find a way to respond to the attack. Which of the following BEST describes where the administrator should look to find information on the attack to determine if a response must be prepared for the systems? (Choose two.)
A. Bug bounty websites
B. Hacker forums
C. Antivirus vendor websites
D. Trade industry association websites
E. CVE database
F. Company’s legal department

4 thoughts on “Which of the following BEST describes where the administrator should look to find information on the attack to determine if a response must be prepared for the systems?”

  1. I’m going with CE

    from the CASP+ All-In-One:

    Here are some suggestions to consider when doing your security research.
    •   Visit vendor websites for the latest information on vulnerabilities, updates, FAQs, other software downloads, and best security practices.
    •   Use official information security sources such as RFCs, ISO, NIST, ISACA, EC-Council, (ISC)², and SANS.
    •   Subscribe to security mailing lists such as Bugtraq and CERT Advisories and Security Weekly.
    •   Visit vulnerability websites such as the CVE database, SecurityTracker, and SecurityFocus.

    Lane, Nicholas. CASP+ CompTIA Advanced Security Practitioner Certification All-in-One Exam Guide, Second Edition (Exam CAS-003) (p. 658). McGraw-Hill Education. Kindle Edition.

  2. After doing some research I would change my answer from B and C to B and E (CVE databases).

    (CAN’T POST JUSTIFICATION, ANTISPAM SYSTEM IS BLOCKING MY ANSWER)

  3. I would choose:
    B. Hacker forums: since it is a recently discovered exploit, hacker forums could be useful to find extra information;
    C. Antivirus vendor websites: I am assuming antivirus solution is equal to Endpoint security solution. Although it is a very recent exploit (something like a zero-day), among the other options, this would be something I would do in real life.

    Further comments:
    – Bug bounty websites always state that you can’t publicize discovered vulnerabilities to other places. So, I can’t imagine a benefit from looking into those websites.
    – CVE database: from the question I understood that we’re dealing with recently discovered EXPLOITS, something like zero-day exploits. They still wouldn’t be available on CVE.
    – Company’s legal department: no way.
    – Trade industry association websites: I couldn’t find any security information on these websites in my quick search here.
