CompTIA
CAS-003 · Question #588
CAS-003 Question #588: Real Exam Question with Answer & Explanation
The correct answer is C: Application whitelisting. Application whitelisting is the technical control that enforces a policy where only pre-approved, baseline-image software is permitted to run on corporate desktops.
Question
A company uses an enterprise desktop imaging solution to manage deployment of its desktop computers. Desktop computer users are only permitted to use software that is part of the baseline image. Which of the following technical solutions was MOST likely deployed by the company to ensure only known-good software can be installed on corporate desktops?
Options
- A. Network access control
- B. Configuration Manager
- C. Application whitelisting
- D. File integrity checks
Explanation
Application whitelisting is the technical control that enforces a policy where only pre-approved, baseline-image software is permitted to run on corporate desktops.
Common mistakes.
- A. Network access control enforces device compliance before granting network access but does not restrict which applications can execute on the endpoint once it is connected.
- B. Configuration Manager is a software deployment and patch management platform that can push software but does not inherently block unauthorized applications from being installed or run.
- D. File integrity checks detect unauthorized modifications to existing files after the fact but do not prevent new, unauthorized software from being installed or executed.
Concept tested. Application whitelisting to enforce software baseline policy
Reference. https://csrc.nist.gov/publications/detail/sp/800-167/final