exam questions

Exam CAS-004 All Questions

View all questions & answers for the CAS-004 exam

Exam CAS-004 topic 1 question 342 discussion

Actual exam question from CompTIA's CAS-004
Question #: 342
Topic #: 1
[All CAS-004 Questions]

A security consultant is designing an infrastructure security solution for a client company that has provided the following requirements:

• Access to critical web services at the edge must be redundant and highly available.
• Secure access services must be resilient to a proprietary zero-day vulnerability in a single component.
• Automated transition of secure access solutions must be able to be triggered by defined events or manually by security operations staff.

Which of the following solutions BEST meets these requirements?

  • A. Implementation of multiple IPSec VPN solutions with diverse endpoint configurations enabling user optionality in the selection of a remote access provider.
  • B. Remote access services deployed using vendor-diverse redundancy with event response driven by playbooks.
  • C. Two separate secure access solutions orchestrated by SOAR with components provided by the same vendor for compatibility.
  • D. Reverse TLS proxy configuration using OpenVPN/OpenSSL with scripted failover functionality that connects critical web services out to endpoint computers.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Steel16
2 weeks ago
Selected Answer: B
o Vendor-diverse redundancy: This addresses the requirement for resilience against a single component vulnerability. By using multiple vendors with different technologies, if one vendor experiences a zero-day exploit, the other solution can still provide secure access. o Event response driven by playbooks: This allows for automated transition between secure access solutions based on defined events. This triggers the switch to the backup solution in the case of an attack or other issue, ensuring minimal downtime.
upvoted 1 times
Steel16
1 week, 5 days ago
o SOAR orchestration (Option C): While using SOAR for orchestration can be beneficial, the requirement for vendor diversity is not directly addressed by this option. If both solutions use components from the same vendor, they might be susceptible to the same zero-day vulnerability.
upvoted 1 times
...
...
Anarckii
8 months, 2 weeks ago
Selected Answer: B
C would be a good choice but it doesn't match all the requirements Automated transition of secure access solutions must be able to be triggered by defined events or manually by security operations staff. Using playbooks for event-driven responses ensures that transitions are automated and consistent. SOAR can use automation but it doesn't address zero-day vulnerabilities. That will need to be done by security professionals
upvoted 3 times
...
weaponxcel
10 months, 4 weeks ago
Selected Answer: B
B. Remote access services deployed using vendor-diverse redundancy with event response driven by playbooks. This solution provides the following benefits: Redundancy and high availability: By deploying remote access services using vendor-diverse redundancy, the client company can ensure that access to critical web services will remain available even if one of the vendors experiences an outage. Resilience to zero-day vulnerabilities: By using vendor-diverse redundancy, the client company is less likely to be affected by a proprietary zero-day vulnerability in a single component. Automated transition: By using event response driven by playbooks, the client company can automate the transition to a backup remote access solution in the event of an outage or security incident.
upvoted 3 times
...
CXSSP
11 months, 3 weeks ago
Option C suggests using two separate secure access solutions orchestrated by SOAR (Security Orchestration, Automation, and Response) with components provided by the same vendor for compatibility. While this could provide redundancy, it doesn't explicitly address the requirement for resilience to a zero-day vulnerability in a single component. Additionally, it may not offer the same level of vendor-diverse redundancy as option B. Option B, on the other hand, specifically mentions deploying remote access services with vendor-diverse redundancy and using playbooks for event-driven responses. This option aligns more closely with the provided requirements, making it the better choice.
upvoted 1 times
...
Johnxyzzzz
11 months, 3 weeks ago
Selected Answer: B
B. Vendor diversity prevents zero-day vulnerabilities from affecting the entire infrastructure.
upvoted 2 times
...
CoolCat22
1 year ago
Selected Answer: C
Using SOAR allows for automated transition of secure access solutions triggered by defined events or manually by security operations staff. This enhances response and adaptability to changing security situations.
upvoted 4 times
...
CXSSP
1 year ago
Selected Answer: B
B. Remote access services deployed using vendor-diverse redundancy with event response driven by playbooks. This solution aligns with the client's requirements: Access Redundancy and High Availability: The use of vendor-diverse redundancy ensures that even if one vendor's solution experiences an outage, the other can continue to provide access to critical web services. This helps achieve redundancy and high availability. Resilience to Proprietary Zero-Day Vulnerability: By using diverse vendors, the risk of a zero-day vulnerability affecting both solutions simultaneously is reduced. Additionally, playbooks can be created to respond to events, including the detection of vulnerabilities. This allows for a quick transition to the alternative solution if a vulnerability is detected. Automated Transition and Manual Triggering: Playbooks provide the automation required to trigger transitions in response to defined events. Additionally, they can be manually triggered by security operations staff when necessary.
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago