CAS-001 Question #95: Real Exam Question with Answer & Explanation
The correct answer is A: Develop a network traffic baseline for each of the physical security systems.
Question
Options
- A. Develop a network traffic baseline for each of the physical security systems.
- B. Air gap the physical security networks from the administrative and operational networks.
- C. Require separate non-VLANed networks and NIPS for each physical security system network.
- D. Have the Network Operations Center (NOC) review logs and create a CERT to respond to breaches.
Explanation
To determine 'new threats' against newly deployed IP-based physical security systems, a network traffic baseline must first be established. A baseline documents normal traffic patterns, communication volumes, and expected behavior for each system. Once a baseline exists, any deviation (such as unexpected outbound connections, port scans, or unusual traffic spikes) can be flagged as a potential new threat. Option B (air gapping) improves security but prevents network-based threat detection entirely. Option C adds controls but does not provide a mechanism for identifying what constitutes a new or anomalous threat. Option D (NOC log review) is reactive and can only respond to known threat signatures, not determine new/unknown threats. A baseline enables anomaly-based threat detection.
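The following Python example is an added illustration, not part of the original question or its explanation: it builds a per-device baseline from constructed flow records and flags the three kinds of deviation named above. The device names, addresses, and the 3-sigma and 10-port thresholds are assumptions chosen for the example.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed flow records (device, dst_ip, dst_port, bytes); names and addresses are made up.
BASELINE_FLOWS = (
    [("camera-01", "10.20.0.5", 554, b) for b in (48000, 50000, 52000, 49000, 51000)]
    + [("badge-reader-01", "10.20.0.9", 443, b) for b in (1200, 1100, 1300, 1250)]
)
OBSERVED_FLOWS = [
    ("camera-01", "10.20.0.5", 554, 50500),       # matches the baseline
    ("camera-01", "203.0.113.50", 443, 900),      # unexpected outbound connection
    ("badge-reader-01", "10.20.0.9", 443, 9000),  # traffic spike to a known peer
] + [("badge-reader-01", "10.20.0.5", p, 60) for p in range(20, 32)]  # many ports, one host


def build_baseline(flows):
    """Per device: the (dst, port) peers seen, plus mean and std-dev of flow size."""
    peers, sizes = defaultdict(set), defaultdict(list)
    for dev, dst, port, nbytes in flows:
        peers[dev].add((dst, port))
        sizes[dev].append(nbytes)
    return {d: {"peers": peers[d], "mean": mean(sizes[d]), "sd": pstdev(sizes[d])}
            for d in peers}


def find_deviations(baseline, flows, sigma=3.0, fanout=10):
    """Return (device, kind, detail) tuples for flows that depart from the baseline."""
    alerts, new_ports = [], defaultdict(set)
    for dev, dst, port, nbytes in flows:
        prof = baseline.get(dev)
        if prof is None:                       # device was never profiled
            alerts.append((dev, "unknown-device", dst))
            continue
        if (dst, port) not in prof["peers"]:   # peer absent from the baseline
            alerts.append((dev, "new-peer", f"{dst}:{port}"))
            new_ports[(dev, dst)].add(port)
        if nbytes > prof["mean"] + sigma * max(prof["sd"], 1.0):
            alerts.append((dev, "volume-spike", nbytes))
    for (dev, dst), ports in new_ports.items():
        if len(ports) >= fanout:               # many new ports on one host: scan-like
            alerts.append((dev, "port-fanout", dst))
    return alerts


if __name__ == "__main__":
    for alert in find_deviations(build_baseline(BASELINE_FLOWS), OBSERVED_FLOWS):
        print(alert)
```

Replaying the baseline flows through the detector produces no alerts, which is a quick check that the thresholds are not tighter than the traffic they were learned from.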