CompTIA
CAS-003 · Question #792
CAS-003 Question #792: Real Exam Question with Answer & Explanation
Sign in or unlock CAS-003 to reveal the answer and full explanation for question #792. The question stem and answer options stay visible for context.
Question
A company is outsourcing to an MSSP that performs managed detection and response services. The MSSP requires a server to be placed inside the network as a log aggregate and allows remote access to MSSP analyst. Critical devices send logs to the log aggregator, where data is stored for 12 months locally before being archived to a multitenant cloud. The data is then sent from the log aggregate to a public IP address in the MSSP datacenter for analysis. A security engineer is concerned about the security of the solution and notes the following: * The critical devise send cleartext logs to the aggregator. * The log aggregator utilize full disk encryption. * The log aggregator sends to the analysis server via port 80. * MSSP analysis utilize an SSL VPN with MFA to access the log aggregator remotely. * The data is compressed and encrypted prior to being achieved in the cloud. Which of the following should be the engineer's GREATEST concern?
Options
- AHardware vulnerabilities introduced by the log aggregate server
- BNetwork bridging from a remote access VPN
- CEncryption of data in transit
- DMultinancy and data remnants in the cloud
Unlock CAS-003 to see the answer
You've previewed enough free CAS-003 questions. Unlock CAS-003 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.