New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CompTIA CAS-005 Exam - Topic 3 Question 8 Discussion

Actual exam question for CompTIA's CAS-005 exam
Question #: 8
Topic #: 3
[All CAS-005 Questions]

A user reports application access issues to the help desk. The help desk reviews the logs for the user

Which of the following is most likely The reason for the issue?

Show Suggested Answer Hide Answer
Suggested Answer: A

Based on the provided logs, the user has accessed various applications from different geographic locations within a very short timeframe. This pattern is indicative of the 'impossible travel' security rule, a common feature in Single Sign-On (SSO) systems designed to detect and prevent fraudulent access attempts.

Analysis of Logs:

At 8:47 p.m., the user accessed a VPN from Toronto.

At 8:48 p.m., the user accessed email from Los Angeles.

At 8:48 p.m., the user accessed the human resources system from Los Angeles.

At 8:49 p.m., the user accessed email again from Los Angeles.

At 8:52 p.m., the user attempted to access the human resources system from Toronto, which was denied.

These rapid changes in location are physically impossible and typically trigger security measures to prevent unauthorized access. The SSO system detected these inconsistencies and likely flagged the activity as suspicious, resulting in access denial.


CompTIA SecurityX Study Guide

NIST Special Publication 800-63B, 'Digital Identity Guidelines'

'Impossible Travel Detection,' Microsoft Documentation

by Ma at Jan 13, 2025, 06:21 PM

Limited Time Offer

25%

Off

Get Premium CAS-005 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Ivette
3 months ago
A is a common issue. I've seen it happen before.
upvoted 0 times
...
Ngoc
3 months ago
D seems too simple. Are we sure it’s not something more serious?
upvoted 0 times
...
Lorean
3 months ago
Wait, could it really be C? I thought HR access was flexible.
upvoted 0 times
...
Kent
4 months ago
Nah, I’m leaning towards B. Sounds like a security breach.
upvoted 0 times
...
Verlene
4 months ago
I think it's definitely A. Impossible travel rules can be tricky.
upvoted 0 times
...
Laura
4 months ago
I vaguely remember something about approved subnets in our last session, so option D might be relevant, but I’m not confident about how strict those rules are.
upvoted 0 times
...
Merissa
4 months ago
I feel like option C is a strong contender since access restrictions based on time are common, but I can't recall if the user was trying to access it after hours.
upvoted 0 times
...
Ozell
4 months ago
I think option B could be a possibility too, especially if there's been recent suspicious activity on the account. It reminds me of a practice question we did on account compromise.
upvoted 0 times
...
Gracia
5 months ago
I remember studying about impossible travel rules in SSO systems, so option A seems plausible, but I'm not entirely sure how it applies here.
upvoted 0 times
...
Lisbeth
5 months ago
Alright, time to put on my detective hat. I'll start by reviewing the logs for any suspicious activity that could indicate an account compromise or unauthorized access attempt.
upvoted 0 times
...
Dorothea
5 months ago
I'm a bit unsure about this one. There are a few different security-related factors to consider, so I'll need to think through each option carefully.
upvoted 0 times
...
Izetta
5 months ago
Ah, this is a classic security-related question. I'm pretty confident I can narrow it down to the right answer by analyzing the information provided in the logs.
upvoted 0 times
...
Meaghan
5 months ago
Okay, let's see here. The user reported access issues, so I'll need to focus on the security-related options like the impossible travel rule or an account compromise.
upvoted 0 times
...
Rodrigo
5 months ago
Hmm, this looks like a tricky one. I'll need to carefully review the logs and the options to determine the most likely reason for the access issue.
upvoted 0 times
...
Farrah
1 year ago
But what if it's option D, the user didn't connect from an approved subnet?
upvoted 0 times
...
Charlena
1 year ago
I disagree, I believe it's option B, a threat actor compromised the account.
upvoted 0 times
...
Nickie
1 year ago
Haha, these answers are getting more and more creative! I'm starting to feel like I'm in an episode of 'The IT Crowd'.
upvoted 0 times
Anna
1 year ago
B) A threat actor has compromised the user's account and attempted to log
upvoted 0 times
...
Onita
1 year ago
A) The user inadvertently tripped the impossible travel security rule in the SSO system.
upvoted 0 times
...
...
Nida
1 year ago
Connecting from an approved subnet? Ah, the joys of corporate IT policies. I bet the user just forgot to VPN in.
upvoted 0 times
...
Farrah
1 year ago
I think the reason could be option A, the user tripped the security rule.
upvoted 0 times
...
Tawanna
1 year ago
Not allowed to access HR outside of business hours? Looks like someone's trying to keep their work and personal life separate. Good luck with that!
upvoted 0 times
Whitley
1 year ago
C: The logs will tell us the real reason for the access issue.
upvoted 0 times
...
Shawnee
1 year ago
B: Maybe they just needed to finish up some work.
upvoted 0 times
...
Anjelica
1 year ago
A: Looks like someone's trying to access HR outside of business hours.
upvoted 0 times
...
...
Carylon
1 year ago
A threat actor compromising the user's account? Looks like we've got a real-life hacker on our hands. Time to call in the cyber-police!
upvoted 0 times
...
Salley
1 year ago
The impossible travel security rule? That's a new one! Sounds like something straight out of a spy movie.
upvoted 0 times
Nadine
1 year ago
C) The user is not allowed to access the human resources system outside of business hours.
upvoted 0 times
...
Tori
1 year ago
A) That's crazy! I hope they catch that threat actor soon.
upvoted 0 times
...
Cecilia
1 year ago
B) A threat actor has compromised the user's account and attempted to log in.
upvoted 0 times
...
Jestine
1 year ago
A) The user inadvertently tripped the impossible travel security rule in the SSO system.
upvoted 0 times
...
...

Save Cancel