CompTIA

CAS-001 · Question #475

The correct answer is A: Deploy new perimeter firewalls at all stores with UTM functionality.

Question

A small retail company recently deployed a new point of sale (POS) system to all 67 stores. The core of the POS is an extranet site, accessible only from retail stores and the corporate office over a split-tunnel VPN. An additional split-tunnel VPN provides bi-directional connectivity back to the main office, which provides voice connectivity for store VoIP phones. Each store offers guest wireless functionality, as well as employee wireless. Only the staff wireless network has access to the POS VPN. Recently, stores are reporting poor response times when accessing the POS application from store computers as well as degraded voice quality when making phone calls. Upon investigation, it is determined that three store PCs are hosting malware, which is generating excessive network traffic. After malware removal, the information security department is asked to review the configuration and suggest changes to prevent this from happening again. Which of the following denotes the BEST way to mitigate future malware risk?

Options

  • A. Deploy new perimeter firewalls at all stores with UTM functionality.
  • B. Change antivirus vendors at the store and the corporate office.
  • C. Move to a VDI solution that runs offsite from the same data center that hosts the new POS
  • D. Deploy a proxy server with content filtering at the corporate office and route all traffic through it.

Explanation

Deploying perimeter firewalls with UTM (Unified Threat Management) functionality at all stores is the most effective solution. UTM appliances combine multiple security functions - stateful firewall, intrusion prevention, antivirus, content filtering, and application control - into a single device. Deploying UTM at the store perimeter addresses the root cause: malware was able to operate on store PCs and generate excessive traffic unchecked. Option B (changing antivirus vendors) does not address already-infected machines and doesn't prevent future infections at the network level. Option C (VDI) moves processing offsite but does not address the infected store PCs or prevent them from generating malicious traffic on the LAN. Option D (routing all traffic through a corporate proxy) conflicts with the split-tunnel VPN design and does not address malware already resident on store machines.
