CAS-003 · Question #213
CAS-003 Question #213: Real Exam Question with Answer & Explanation
The correct answer is A: Model the network in a series of VMs;. Establishing a behavioral baseline for heuristic security monitoring is safest when performed in a virtual model rather than on live systems. Modeling the network in VMs allows safe instrumentation without risking disruption to production operations.
Question
Options
- AModel the network in a series of VMs;
- BCompletely duplicate the network on virtual machines;
- CInstrument the operational network;
- DSchedule testing on operational systems when users are not present; instrument the
Explanation
Establishing a behavioral baseline for heuristic security monitoring is safest when performed in a virtual model rather than on live systems. Modeling the network in VMs allows safe instrumentation without risking disruption to production operations.
Common mistakes.
- B. Completely duplicating the entire distributed network on virtual machines is cost-prohibitive and logistically impractical compared to building a representative model.
- C. Directly instrumenting the operational network during baseline development risks introducing performance degradation or instability into production systems.
- D. Scheduling tests on live systems during off-hours still carries operational risk and fails to capture a true baseline of normal user-driven traffic behavior.
Concept tested. Virtual network modeling for security baseline establishment
Reference. https://csrc.nist.gov/publications/detail/sp/800-137/final
Community Discussion
No community discussion yet for this question.