CAS-002 · Question #19
CAS-002 Question #19: Real Exam Question with Answer & Explanation
The correct answer is B: No transport security controls are implemented. The described network has strong endpoint controls (patching, AES encryption of data at rest, two-factor authentication, antivirus) and a perimeter firewall, but there is no mention of transport layer security such as TLS/HTTPS or encrypted protocols for data moving across the ne
Question
Options
- ANo effective controls in place
- BNo transport security controls are implemented
- CInsufficient user authentication controls are implemented
- DIPv6 is not incorporated in the network
Explanation
The described network has strong endpoint controls (patching, AES encryption of data at rest, two-factor authentication, antivirus) and a perimeter firewall, but there is no mention of transport layer security such as TLS/HTTPS or encrypted protocols for data moving across the network between workstations, servers, and the internet. Without transport security, sensitive data transmitted over the wire can be intercepted in plaintext. Option A is incorrect because multiple controls are in place. Option C is incorrect because two-factor authentication with biometrics and passwords is robust. Option D is incorrect because IPv6 is not a security requirement-IPv4 networks are widely and safely deployed.
Community Discussion
No community discussion yet for this question.