CompTIA
CAS-002 · Question #162
CAS-002 Question #162: Real Exam Question with Answer & Explanation
The correct answer is C: Network security may need to be increased by reducing the number of available physical. When most conference attendees use smartphones, reducing available physical wired network ports limits an unused attack surface and focuses security resources appropriately.
Question
When attending the latest security conference, an information security administrator noticed only a few people carrying a laptop around. Most other attendees only carried their smartphones. Which of the following would impact the security of conference's resources?
Options
- AWireless network security may need to be increased to decrease access of mobile devices.
- BPhysical security may need to be increased to deter or prevent theft of mobile devices.
- CNetwork security may need to be increased by reducing the number of available physical
- DWireless network security may need to be decreased to allow for increased access of mobile
Explanation
When most conference attendees use smartphones, reducing available physical wired network ports limits an unused attack surface and focuses security resources appropriately.
Common mistakes.
- A. Increasing wireless security to decrease mobile device access contradicts the observed usage pattern - mobile devices are the primary access method and should be secured, not blocked.
- B. Physical security to deter theft addresses device-level asset loss but does not address network-level security risks introduced by a predominantly mobile user population.
- D. Decreasing wireless security to increase mobile access would expand the network attack surface and directly undermine the security posture of conference resources.
Concept tested. Network hardening for mobile-dominant user environments
Reference. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-187.pdf
Community Discussion
No community discussion yet for this question.