ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CAS-004 All Questions

View all questions & answers for the CAS-004 exam
Go to Exam

Exam CAS-004 topic 1 question 623 discussion

Actual exam question from CompTIA's CAS-004
Question #: 623
Topic #: 1
[All CAS-004 Questions]

A company wants to improve the remote access process it uses for systems administrators who perform troubleshooting. Currently, troubleshooting is performed via SSH to the affected system and controlled by a border ACL. In order to SSH to a system, systems administrators must first log in to the VPN and then use a password-protected SSH key that is unique to each server. Which of the following should the company implement to improve this process and reduce the attack surface? (Choose two.)

  • A. MFA
  • B. Jump box
  • C. Air gap
  • D. Firewall
  • E. NAT gateway
  • F. DDoS protection
Show Suggested Answer Hide Answer
Suggested Answer: AB 🗳️
by Steel16 at March 11, 2025, 8:28 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Steel16
2 months ago
Selected Answer: AB
o MFA (Multi-Factor Authentication): Adding MFA enhances security by requiring multiple forms of verification before granting access. This significantly reduces the risk of unauthorized access, even if an SSH key or password is compromised. o Jump Box: A jump box (or bastion host) acts as a secure gateway through which all remote access must pass. This centralizes access control and monitoring, making it easier to manage and secure remote connections.
upvoted 1 times
Steel16
2 months ago
o Air Gap (Option C): This is a physical security measure that isolates systems from external networks, which is not practical for remote access. o Firewall (Option D): Firewalls are essential but are already part of the existing setup with the border ACL. o NAT Gateway (Option E): This is used for network address translation and does not directly enhance remote access security. o DDoS Protection (Option F): This protects against distributed denial-of-service attacks but does not specifically improve the remote access process.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago