CompTIA
CAS-003 · Question #898
CAS-003 Question #898: Real Exam Question with Answer & Explanation
Sign in or unlock CAS-003 to reveal the answer and full explanation for question #898. The question stem and answer options stay visible for context.
Question
An organization recently suffered a high-impact loss due to a zero-day vulnerability exploited in a concentrator enabling iPSec VPN access for users. The attack included a pivot into the internal server subnet. The organization now wants to integrate new changes into its architecture to make a similar future attack less impactful. Which of the following changes would BEST achieve this objective?
Options
- AConfigure the IPSec VPN concentrator to support cipher suites with ephemeral keys.
- BRoutinely restore servers to a known state to reduce the likelihood of attacker persistence
- CRestrict user access to email and file services when connecting remotely
- DInstall a redundant VPN concentrator for high availability
- EDeploy and tune ACLs NIPS, and sensors within the server subnet
Unlock CAS-003 to see the answer
You've previewed enough free CAS-003 questions. Unlock CAS-003 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.