CompTIA
CAS-003 · Question #298
CAS-003 Question #298: Real Exam Question with Answer & Explanation
Sign in or unlock CAS-003 to reveal the answer and full explanation for question #298. The question stem and answer options stay visible for context.
Question
A company's existing forward proxies support software-based TLS decryption, but are currently at 60% load just dealing with AV scanning and content analysis for HTTP traffic. More than 70% outbound web traffic is currently encrypted. The switching and routing network infrastructure precludes adding capacity, preventing the installation of a dedicated TLS decryption system. The network firewall infrastructure is currently at 30% load and has software decryption modules that can be activated by purchasing additional license keys. An existing project is rolling out agent updates to end-user desktops as part of an endpoint security refresh. Which of the following is the BEST way to address these issues and mitigate risks to the organization?
Options
- APurchase the SSL, decryption license for the firewalls and route traffic back to the proxies for end-
- BRoll out application whitelisting to end-user desktops and decommission the existing proxies,
- CUse an EDP solution to address the malware issue and accept the diminishing role of the proxy
- DAccept the current risk and seek possible funding approval in the next budget cycle to replace the
Unlock CAS-003 to see the answer
You've previewed enough free CAS-003 questions. Unlock CAS-003 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.