exam questions

Exam CAS-004 All Questions

View all questions & answers for the CAS-004 exam

Exam CAS-004 topic 1 question 447 discussion

Actual exam question from CompTIA's CAS-004
Question #: 447
Topic #: 1
[All CAS-004 Questions]

A security engineer is re-architecting a network environment that provides regional electric distribution services. During a pretransition baseline assessment, the engineer identified the following security-relevant characteristics of the environment:

• Enterprise IT servers and supervisory industrial systems share the same subnet.
• Supervisory controllers use the 750MHz band to direct a portion of fielded PLCs.
• Command and telemetry messages from industrial control systems are unencrypted and unauthenticated.

Which of the following re-architecture approaches would be best to reduce the company's risk?

  • A. Implement a one-way guard between enterprise IT services and mission-critical systems, obfuscate legitimate RF signals by broadcasting noise, and implement modern protocols to authenticate ICS messages.
  • B. Characterize safety-critical versus non-safety-critical systems, isolate safety-critical systems from other systems, and increase the directionality of RF links in the field.
  • C. Create a new network segment for enterprise IT servers, configure NGFW to enforce a well-defined segmentation policy, and implement a WIDS to monitor the spectrum.
  • D. Segment supervisory controllers from field PLCs, disconnect the entire network from the internet, and use only the 750MHz link for controlling energy distribution services.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Steel16
1 week, 1 day ago
Selected Answer: C
o Network Segmentation: Separating enterprise IT servers from supervisory industrial systems reduces the risk of lateral movement by attackers. o Next-Generation Firewall (NGFW): Enforcing a well-defined segmentation policy with an NGFW enhances security by controlling and monitoring traffic between segments. o Wireless Intrusion Detection System (WIDS): Monitoring the spectrum with a WIDS helps detect and respond to unauthorized or malicious wireless activities.
upvoted 1 times
...
grelaman
5 months, 2 weeks ago
Selected Answer: A
- Establish a unidirectional gateway (data diode) that allows data to flow in only one direction—from mission-critical systems to enterprise IT—but blocks any data from flowing back. Physically and logically separates the enterprise IT network from the supervisory industrial systems, mitigating the risk of cross-network attacks. Prevents potential threats originating from the enterprise IT environment from reaching mission-critical systems. - Introduce controlled RF noise to mask or obfuscate legitimate communication signals, making it harder for unauthorized parties to intercept or decipher them. Reduces the likelihood of attackers successfully intercepting RF communications. - Upgrade communication protocols to include encryption and authentication mechanisms. Ensures that command and telemetry messages are protected from unauthorized access and tampering. Verifies the identity of communicating parties, preventing spoofing attacks.
upvoted 1 times
...
23169fd
8 months ago
Selected Answer: C
Network segmentation ensures that enterprise IT systems and mission-critical industrial systems are isolated from each other, reducing the risk of malware or attacks spreading across these environments. NGFW provides robust security controls and monitoring to enforce the segmentation policy effectively. WIDS enhances security for the RF communication used by supervisory controllers, adding a layer of detection for any suspicious or malicious activity.
upvoted 2 times
...
armid
8 months, 1 week ago
Selected Answer: C
https://csrc.nist.gov/glossary/term/wireless_intrusion_detection_system
upvoted 2 times
...
isaphiltrick
8 months, 1 week ago
Selected Answer: B
B is the best choice as it directly addresses the identified risks by prioritizing the isolation and protection of safety-critical systems, improving RF signal management, and maintaining operational integrity. This approach ensures that critical systems are adequately secured while maintaining necessary connectivity and operational efficiency in the regional electric distribution services environment.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago