nerdexam
ExamsCAS-002Questions#266
CompTIA

CAS-002 · Question #266

CAS-002 Question #266: Real Exam Question with Answer & Explanation

The correct answer is C: Create an IP camera network and deploy a proxy to authenticate users prior to accessing. Because the IP cameras cannot authenticate users natively, a proxy server in front of the camera network provides a centralized authentication layer before granting access to video streams.

Question

Ann, a Physical Security Manager, is ready to replace all 50 analog surveillance cameras with IP cameras with built-in web management. Ann has several security guard desks on different networks that must be able to view the cameras without unauthorized people viewing the video as well. The selected IP camera vendor does not have the ability to authenticate users at the camera level. Which of the following should Ann suggest to BEST secure this environment?

Options

  • ACreate an IP camera network and deploy NIPS to prevent unauthorized access.
  • BCreate an IP camera network and only allow SSL access to the cameras.
  • CCreate an IP camera network and deploy a proxy to authenticate users prior to accessing
  • DCreate an IP camera network and restrict access to cameras from a single management

Explanation

Because the IP cameras cannot authenticate users natively, a proxy server in front of the camera network provides a centralized authentication layer before granting access to video streams.

Common mistakes.

  • A. A Network Intrusion Prevention System detects and blocks malicious or anomalous traffic patterns but cannot enforce user authentication for legitimate, authorized access requests to the camera streams.
  • B. Restricting access to SSL-only encrypts video streams in transit but does not authenticate which users are permitted to view them, since the cameras themselves cannot validate credentials regardless of transport security.
  • D. Restricting camera access to a single management host would prevent the security guards stationed at multiple network locations from viewing the cameras, directly contradicting the stated operational requirement.

Concept tested. Proxy-based authentication compensating for unauthenticated IP cameras

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CAS-002 Practice