ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CAS-003 All Questions

View all questions & answers for the CAS-003 exam
Go to Exam

Exam CAS-003 topic 1 question 28 discussion

Actual exam question from CompTIA's CAS-003
Question #: 28
Topic #: 1
[All CAS-003 Questions]

An engineer is assisting with the design of a new virtualized environment that will house critical company services and reduce the datacenter's physical footprint.
The company has expressed concern about the integrity of operating systems and wants to ensure a vulnerability exploited in one datacenter segment would not lead to the compromise of all others. Which of the following design objectives should the engineer complete to BEST mitigate the company's concerns? (Choose two.)

  • A. Deploy virtual desktop infrastructure with an OOB management network
  • B. Employ the use of vTPM with boot attestation
  • C. Leverage separate physical hardware for sensitive services and data
  • D. Use a community CSP with independently managed security services
  • E. Deploy to a private cloud with hosted hypervisors on each physical machine
Show Suggested Answer Hide Answer
Suggested Answer: AC 🗳️
by ruch19 at July 15, 2020, 9:50 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
tirajvid
1 year, 5 months ago
B and C B - Protects the integrity of the hosted OSs C - Prevent VM hopping between VMs hosting sensitive data and non sensitive data.
upvoted 1 times
...
D1960
3 years, 9 months ago
VDI seems like a bad idea. From the question: "vulnerability exploited in one datacenter segment would not lead to the compromise of all others" That is often a problem with virtualization. Compromise the hypervisor, and you can pivot from system to the next. This is the company's main concern. Using separate hardware would fix this.
upvoted 1 times
...
D1960
4 years ago
Restraint: reduce the datacenter's physical footprint. Concern-1: "integrity of operating systems" B. Employ the use of vTPM with boot attestation Concern-2: "vulnerability exploited in one datacenter segment would not lead to the compromise of all others" Maybe: E. Deploy to a private cloud with hosted hypervisors on each physical machine ? I know, everybody thinks the answer to concern-2 is A. But I don't see where A really addresses concern-2. Whereas E seems to, at least somewhat, address concern-2.
upvoted 2 times
...
americaman80
4 years, 1 month ago
It's A&B because the company is trying to reduce the number of pieces of equipment. Leveraging separate physical hardware would only add to the number of machines they have. B makes sense because if an attacker were to compromise a workstation, vTPM would be reset at the next reboot, so the attacker would not remain in persistence on that machine.
upvoted 2 times
D1960
4 years ago
Leveraging separate physical hardware might not add to the number of machines they have on site. The physical hardware could be offsite: private cloud, IaaS.
upvoted 1 times
...
...
D1960
4 years, 3 months ago
C. Leverage separate physical hardware for sensitive services and data To me, this makes some sense. A specific requirement is "ensure a vulnerability exploited in one datacenter segment would not lead to the compromise of all others." If you use separate hardware, you will not have to worry about a hacker jumping from one virtual machine to another.
upvoted 1 times
...
boblee
4 years, 8 months ago
a&b is is the correct answer.
upvoted 4 times
...
ruch19
4 years, 11 months ago
A,B ? B: to mitigate the "concern about the integrity of operating systems"
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel