Valid CAS-005 Dumps shared by ExamDiscuss.com for Helping Passing CAS-005 Exam! ExamDiscuss.com now offer the newest CAS-005 exam dumps, the ExamDiscuss.com CAS-005 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com CAS-005 dumps with Test Engine here:
Access CAS-005 Dumps Premium Version
(250 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question
Question 65/65
A company isolated its OT systems from other areas of the corporate network These systems are required to report usage information over the internet to the vendor Which oi the following b*st reduces the risk of compromise or sabotage' (Select two).
Correct Answer: A,F
A . Implementing allow lists: Allow lists (whitelisting) restrict network communication to only authorized devices and applications, significantly reducing the attack surface by ensuring that only pre-approved traffic is permitted.
F . Implementing a site-to-site IPSec VPN: A site-to-site VPN provides a secure, encrypted tunnel for data transmission between the OT systems and the vendor, protecting the data from interception and tampering during transit.
Other options:
B . Monitoring network behavior: While useful for detecting anomalies, it does not proactively reduce the risk of compromise or sabotage.
C . Encrypting data at rest: Important for protecting data stored on devices, but does not address network communication risks.
D . Performing boot integrity checks: Ensures the integrity of the system at startup but does not protect ongoing network communications.
E . Executing daily health checks: Useful for maintaining system health but does not directly reduce the risk of network-based compromise or sabotage.
Reference:
CompTIA Security+ Study Guide
NIST SP 800-82, "Guide to Industrial Control Systems (ICS) Security"
"Industrial Network Security" by Eric D. Knapp and Joel Thomas Langill
F . Implementing a site-to-site IPSec VPN: A site-to-site VPN provides a secure, encrypted tunnel for data transmission between the OT systems and the vendor, protecting the data from interception and tampering during transit.
Other options:
B . Monitoring network behavior: While useful for detecting anomalies, it does not proactively reduce the risk of compromise or sabotage.
C . Encrypting data at rest: Important for protecting data stored on devices, but does not address network communication risks.
D . Performing boot integrity checks: Ensures the integrity of the system at startup but does not protect ongoing network communications.
E . Executing daily health checks: Useful for maintaining system health but does not directly reduce the risk of network-based compromise or sabotage.
Reference:
CompTIA Security+ Study Guide
NIST SP 800-82, "Guide to Industrial Control Systems (ICS) Security"
"Industrial Network Security" by Eric D. Knapp and Joel Thomas Langill
- Question List (65q)
- Question 1: A news organization wants to implement workflows that allow ...
- Question 2: The security team is looking into aggressive bot behavior th...
- Question 3: SIMULATION A product development team has submitted code sni...
- Question 4: A software company deployed a new application based on its i...
- Question 5: A security professional is investigating a trend in vulnerab...
- Question 6: An organization is developing on Al-enabled digital worker t...
- Question 7: A company wants to install a three-tier approach to separate...
- Question 8: A developer makes a small change to a resource allocation mo...
- Question 9: Third parties notified a company's security team about vulne...
- Question 10: Within a SCADA a business needs access to the historian serv...
- Question 11: Emails that the marketing department is sending to customers...
- Question 12: A developer needs to improve the cryptographic strength of a...
- Question 13: A security analyst received a notification from a cloud serv...
- Question 14: A central bank implements strict risk mitigations for the ha...
- Question 15: A company hosts a platform-as-a-service solution with a web-...
- Question 16: A systems administrator wants to use existing resources to a...
- Question 17: A security engineer is developing a solution to meet the fol...
- Question 18: A company is developing a new service product offering that ...
- Question 19: Company A acquired Company B and needs to determine how the ...
- Question 20: All organization is concerned about insider threats from emp...
- Question 21: A security engineer needs 10 secure the OT environment based...
- Question 22: SIMULATION An IPSec solution is being deployed. The configur...
- Question 23: A security engineer performed a code scan that resulted in m...
- Question 24: A company that relies on an COL system must keep it operatin...
- Question 25: An organization found a significant vulnerability associated...
- Question 26: SIMULATION A security engineer needs to review the configura...
- Question 27: The material finding from a recent compliance audit indicate...
- Question 28: A company is having issues with its vulnerability management...
- Question 29: A user reports application access issues to the help desk. T...
- Question 30: A software engineer is creating a CI/CD pipeline to support ...
- Question 31: A security analyst is reviewing the following authentication...
- Question 32: A security engineer wants to stay up-to-date on new detectio...
- Question 33: Company A and Company D ate merging Company A's compliance r...
- Question 34: An organization wants to implement a platform to better iden...
- Question 35: A network engineer must ensure that always-on VPN access is ...
- Question 36: A company receives reports about misconfigurations and vulne...
- Question 37: A security team is responding to malicious activity and need...
- Question 38: A security analyst is reviewing suspicious log-in activity a...
- Question 39: Recent repents indicate that a software tool is being exploi...
- Question 40: A security analyst wants to use lessons learned from a poor ...
- Question 41: An endpoint security engineer finds that a newly acquired co...
- Question 42: While reviewing recent modem reports, a security officer dis...
- Question 43: A company wants to use loT devices to manage and monitor the...
- Question 44: A company's help desk is experiencing a large number of call...
- Question 45: The security team is looking into aggressive bot behavior th...
- Question 46: SIMULATION You are tasked with integrating a new B2B client ...
- Question 47: A company's security policy states that any publicly availab...
- Question 48: A company's SICM Is continuously reporting false positives a...
- Question 49: A company detects suspicious activity associated with extern...
- Question 50: During a gap assessment, an organization notes that OYOD usa...
- Question 51: Which of the following AI concerns is most adequately addres...
- Question 52: An audit finding reveals that a legacy platform has not reta...
- Question 53: Which of the following best explains the importance of deter...
- Question 54: An organization is required to * Respond to internal and ext...
- Question 55: A security operations engineer needs to prevent inadvertent ...
- Question 56: After remote desktop capabilities were deployed in the envir...
- Question 57: A systems engineer is configuring a system baseline for serv...
- Question 58: A financial services organization is using Al lo fully autom...
- Question 59: A company wants to invest in research capabilities with the ...
- Question 60: A company recently experienced an incident in which an advan...
- Question 61: A hospital provides tablets to its medical staff to enable t...
- Question 62: A security analyst discovered requests associated with IP ad...
- Question 63: A financial technology firm works collaboratively with busin...
- Question 64: A security officer performs due diligence activities before ...
- Question 65: A company isolated its OT systems from other areas of the co...
