Examice

Exam CAS-004 All QuestionsBrowse all questions from this exam

Question 413

An organization recently completed a security controls assessment. The results highlighted the following vulnerabilities:

• Out-of-date definitions

• Misconfigured operating systems

• An inability to detect active attacks

• Unimpeded access to critical servers’ USB ports

Which of the following will most likely reduce the risks that were identified by the assessment team?

Install EDR on endpoints, configure group policy, lock server room doors, and install a camera system with guards watching 24/7.

Create an information security program that addresses user training, perform weekly audits of user workstations, and utilize a centralized configuration management program.

Update antivirus definitions, install NGFW with logging enabled, use USB port lockers, and run SCAP scans weekly.

Implement a vulnerability management program and a SIEM tool with alerting, install a badge system with zones, and restrict privileged access.

Correct Answer: C

To mitigate the identified risks, updating antivirus definitions will resolve the issue of out-of-date definitions. Installing a Next-Generation Firewall (NGFW) with logging enabled helps in detecting active attacks. Using USB port lockers will mitigate the risk of unimpeded access to critical servers' USB ports. Running weekly SCAP scans will ensure that any misconfigurations are detected and addressed in a timely manner. This comprehensive approach directly addresses each of the vulnerabilities highlighted in the assessment.

Discussion

isaphiltrickOption: C

Option C provides a comprehensive approach to directly addressing the vulnerabilities highlighted in the security controls assessment. Updating antivirus definitions ensures protection against known threats, NGFW with logging enhances detection of active attacks, USB port lockers physically secure critical servers, and weekly SCAP scans help maintain proper configuration and compliance.

041ba31Option: C

The best answer is C. Update antivirus definitions, install NGFW with logging enabled, use USB port lockers, and run SCAP scans weekly. This set of actions directly addresses the identified vulnerabilities: updating antivirus definitions resolves out-of-date definitions, installing a Next-Generation Firewall (NGFW) with logging can detect active attacks and address misconfigured operating systems, using USB port lockers mitigates the risk of unimpeded access to critical servers’ USB ports, and running SCAP scans weekly ensures ongoing vulnerability management and detection of misconfigurations.

cf13076Option: C

To reduce the risks identified in the security controls assessment for the CASP+ certification, the most appropriate action would be: C. Update antivirus definitions, install NGFW with logging enabled, use USB port lockers, and run SCAP scans weekly. This option addresses the specific vulnerabilities identified in the assessment: Updating antivirus definitions helps with the out-of-date definitions vulnerability. Installing a Next-Generation Firewall (NGFW) with logging enabled helps address misconfigured operating systems and an inability to detect active attacks. Using USB port lockers helps prevent unimpeded access to critical servers' USB ports. Running Security Content Automation Protocol (SCAP) scans weekly aids in identifying and addressing security issues proactively. Overall, this combination of measures aligns well with the identified vulnerabilities and would likely be the most effective in reducing the risks for the organization.