CAS-003 · Question #742
CAS-003 Question #742: Real Exam Question with Answer & Explanation
The correct answer is A: The security manager did not enforce automatic VPN connection.
Question
Options
- A. The security manager did not enforce automatic VPN connection.
- B. The company's server did not have endpoint security enabled.
- C. The hotel did not require a wireless password to authenticate.
- D. The laptop did not have the host-based firewall properly configured.
Explanation
The CFO connected to the corporate network over an untrusted hotel WiFi network without a VPN, exposing the session to interception or a man-in-the-middle attack. A policy enforcing automatic VPN connection whenever a device is on an untrusted network would have encrypted all traffic, preventing attackers on the hotel network from injecting malware or stealing credentials. Option C (hotel not requiring a WiFi password) is a contributing risk factor, but even password-protected hotel networks are untrusted, so a mandatory VPN is the correct mitigation. Option B (no endpoint security on the server) and Option D (firewall misconfiguration) are less direct causes than the clearly unprotected public network connection.