CompTIA

CAS-003 · Question #414

CAS-003 Question #414: Real Exam Question with Answer & Explanation

The correct answer is D: Deploy a UTM solution. A UTM solution bundles multiple security functions into a single platform, making it the only option that satisfies all six security criteria listed by the COO.

Question

After several industry competitors suffered data loss as a result of cyberattacks, the Chief Operating Officer (COO) of a company reached out to the information security manager to review the organization's security stance. As a result of the discussion, the COO wants the organization to meet the following criteria:

  • Blocking of suspicious websites
  • Prevention of attacks based on threat intelligence
  • Reduction in spam
  • Identity-based reporting to meet regulatory compliance
  • Prevention of viruses based on signature
  • Protect applications from web-based threats

Which of the following would be the BEST recommendation the information security manager could make?

Options

  • A. Reconfigure existing IPS resources
  • B. Implement a WAF
  • C. Deploy a SIEM solution
  • D. Deploy a UTM solution
  • E. Implement an EDR platform

Explanation

A UTM solution bundles multiple security functions into a single platform, making it the only option that satisfies all six security criteria listed by the COO.

Common mistakes.

  • A. Reconfiguring existing IPS resources addresses only intrusion prevention and threat-intelligence-based attack blocking, leaving spam reduction, URL filtering, identity reporting, and AV unaddressed.
  • B. A WAF protects web applications from web-based attacks but does not provide spam reduction, URL blocking, identity-based reporting, or signature-based antivirus.
  • C. A SIEM aggregates and correlates logs for reporting and alerting but does not actively block threats, filter URLs, reduce spam, or prevent viruses.
  • E. An EDR platform focuses on endpoint detection and response including AV capabilities, but does not provide spam filtering, suspicious URL blocking, or identity-based regulatory reporting.

Concept tested. Unified Threat Management capabilities covering multiple security functions

Reference. https://www.comptia.org/content/guides/comptia-security-study-guide
