CAS-003 · Question #285
CAS-003 Question #285: Real Exam Question with Answer & Explanation
The correct answer is D: Lack of diversity increases the impact of specific events or attacks.. D (Lack of diversity increases the impact of specific events or attacks) is the greatest risk. This is the monoculture or single point of failure problem at an architectural level. If every data center runs identical hardware, firmware, and software, a single discovered vulnerabi
Question
Options
- ACompetitors gain an advantage by increasing their service offerings.
- BVendor lock in may prevent negotiation of lower rates or prices.
- CDesign constraints violate the principle of open design.
- DLack of diversity increases the impact of specific events or attacks.
Explanation
D (Lack of diversity increases the impact of specific events or attacks) is the greatest risk. This is the monoculture or single point of failure problem at an architectural level. If every data center runs identical hardware, firmware, and software, a single discovered vulnerability, a targeted exploit, or even a vendor-specific hardware defect can simultaneously affect the entire infrastructure. This is analogous to agricultural monocultures - one pest or disease can wipe out the whole crop. Option B (vendor lock-in and pricing) is a real business risk but is a financial concern, not a security threat. Option C (open design) is a design principle, not a risk from consolidation. Option A (competitive disadvantage) is a business strategy concern unrelated to IT security risk.
Community Discussion
No community discussion yet for this question.