An organization recently completed a security controls assessment. The results highlighted the following vulnerabilities:
•	Out-of-date definitions
•	Misconfigured operating systems
•	An inability to detect active attacks
•	Unimpeded access to critical servers’ USB ports
Which of the following will most likely reduce the risks that were identified by the assessment team?

A. Install EDR on endpoints, configure group policy, lock server room doors, and install a camera system with guards watching 24/7.

B. Create an information security program that addresses user training, perform weekly audits of user workstations, and utilize a centralized configuration management program.

C. Update antivirus definitions, install NGFW with logging enabled, use USB port lockers, and run SCAP scans weekly.

D. Implement a vulnerability management program and a SIEM tool with alerting, install a badge system with zones, and restrict privileged access.








 

Suggested Answer: C

Community Answer: C



This question is in CAS-004 CompTIA Advanced Security Practitioner (CASP+) Exam
For getting CompTIA Advanced Security Practitioner (CASP+) Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by CompTIA. 
Trademarks, certification & product names are used for reference only and belong to CompTIA.
The website does not contain actual questions and answers from CompTIA's Certification Exams.