nerdexam
ExamsCAS-002Questions#63
CompTIA

CAS-002 · Question #63

CAS-002 Question #63: Real Exam Question with Answer & Explanation

The correct answer is D: Develop the use case for the devices and perform a risk analysis.. Before implementing any technical controls, integrations, or policies for new non-standard devices, the security manager must first develop the use case and perform a risk analysis. This foundational step defines what the devices will be used for, what data they will access, and

Question

The company is considering issuing non-standard tablet computers to executive management. Which of the following is the FIRST step the security manager should perform?

Options

  • AApply standard security policy settings to the devices.
  • BSet up an access control system to isolate the devices from the network.
  • CIntegrate the tablets into standard remote access systems.
  • DDevelop the use case for the devices and perform a risk analysis.

Explanation

Before implementing any technical controls, integrations, or policies for new non-standard devices, the security manager must first develop the use case and perform a risk analysis. This foundational step defines what the devices will be used for, what data they will access, and what threats and vulnerabilities they introduce. Without this analysis, applying security settings (A), isolating devices (B), or integrating them into remote access systems (C) would be premature and potentially misconfigured. Risk analysis drives all subsequent security decisions and ensures controls are proportionate and appropriate to the actual threat landscape. This follows the standard security lifecycle: assess before acting.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CAS-002 Practice