ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CAS-004 All Questions

View all questions & answers for the CAS-004 exam
Go to Exam

Exam CAS-004 topic 1 question 422 discussion

Actual exam question from CompTIA's CAS-004
Question #: 422
Topic #: 1
[All CAS-004 Questions]

A security administrator needs to implement a security solution that will:

• Limit the attack surface in case of an incident.
• Improve access control for external and internal network security.
• Improve performance with less congestion on network traffic.

Which of the following should the security administrator do?

  • A. Integrate threat intelligence feeds into the FIM.
  • B. Update firewall rules to match new IP addresses in use.
  • C. Configure SIEM dashboards to provide alerts and visualizations.
  • D. Deploy DLP rules based on updated PII formatting.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by saucehozz at April 20, 2024, 7:33 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
saucehozz
Highly Voted 1 year ago
Selected Answer: B
B. The only answer hits all requirements
upvoted 5 times
...
rice3cooker
Most Recent 7 months ago
Selected Answer: A
A. Integrate threat intelligence feeds into the FIM. Here's why: Integrating threat intelligence feeds into the FIM (Federated Identity Manager) can help limit the attack surface by providing real-time information about known threats. This allows the FIM to make informed decisions about access control and can help prevent unauthorized access. Updating firewall rules and configuring SIEM dashboards are important security measures, but they don't directly address the goal of limiting the attack surface and improving access control for external and internal network security. Deploying DLP rules is relevant for data protection, but it doesn't specifically address the goal of limiting the attack surface and improving access control. Therefore, integrating threat intelligence feeds into the FIM is the most effective solution for achieving the stated requirements.
upvoted 1 times
...
isaphiltrick
10 months ago
Selected Answer: B
Updating firewall rules to ensure they match the new IP addresses in use is crucial for maintaining effective access control. This action helps to limit the attack surface by ensuring that only authorized traffic is allowed through the firewall. Properly configured firewall rules can improve internal and external network security and reduce congestion by blocking unwanted or malicious traffic, thereby improving overall network performance.
upvoted 4 times
...
041ba31
11 months, 2 weeks ago
Selected Answer: B
The best answer is B. Update firewall rules to match new IP addresses in use. Updating firewall rules to match new IP addresses helps to limit the attack surface by only allowing traffic from known, trusted IPs. It also improves access control for both external and internal network security and can enhance performance by reducing unnecessary or unauthorized network traffic.
upvoted 3 times
...
cf13076
1 year ago
Selected Answer: B
B. Update firewall rules to match new IP addresses in use. By updating firewall rules to match the new IP addresses in use, the security administrator can limit the attack surface and improve access control for external and internal network security. This will also help improve performance by reducing congestion on network traffic.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago