Exam CAS-003 topic 1 question 189 discussion

Actual exam question from CompTIA's CAS-003
Question #: 189
Topic #: 1

An organization just merged with an organization in another legal jurisdiction and must improve its network security posture in ways that do not require additional resources to implement data isolation. One recommendation is to block communication between endpoint PCs. Which of the following would be the BEST solution?

  • A. Installing HIDS
  • B. Configuring a host-based firewall
  • C. Configuring EDR
  • D. Implementing network segmentation
Suggested Answer: D

Comments

arawaco
3 years, 9 months ago
You can do network segmentation in a zero-trust mode way. So, answer D.
upvoted 3 times
d10shivan
3 years, 10 months ago
Answer D: Network Segmentation - implementing independent VLANs that cannot route to each other will (in theory) block endpoints located in one VLAN from communicating with endpoints in the other, assuming Layer 2 devices, not Layer 3. However, I think the key to this question is that it asks how to isolate data in ways that do not require additional resources. It can be assumed from the question that we’d have to procure/config/set-up a firewall if we picked that answer.
upvoted 3 times
D1960
3 years, 9 months ago
Host-based firewalls are not hard to come by. I think most modern OSes have them pre-installed, or at least very easy to get. I think any of the answers would probably work. But the question makes it clear they want to "block communication"; that is exactly what a firewall is designed to do.
upvoted 1 times
D1960
3 years, 8 months ago
The question also makes it clear the solutions "do not require additional resources." Again, there is already a host firewall on the endpoint. Just configure that. Why go crazy with complicated network segmentation schemes?
upvoted 2 times
Trap_D0_r
4 years, 2 months ago
B. It's not D. D will not block communication between endpoint PCs.
upvoted 2 times
TheThreatGuy
4 years, 2 months ago
Yes it will... you separate by VLAN and don’t allow routing between VLANs... host firewall would be almost impossible. You’d have to put in a new rule to block each PC you don’t want to give it access to (or vice versa to allow). Answer is D.
upvoted 3 times
Trap_D0_r
4 years, 2 months ago
Absolutely and completely wrong. Every host in a VLAN will be able to talk to every other host in a VLAN, *even without a default gateway programmed into the host or available on the subnet*. That's how VLANs and subnets work (please go check with an actual network admin if you think I'm wrong). A host-based firewall only needs a couple rules, and could be centrally managed from an EPO server. You allow traffic to/from the gateway and authorized intranet and internet servers, and let your explicit deny at the bottom of the firewall rule list block all other communication, which of course INCLUDES all other hosts on your subnet.
upvoted 2 times
vorozco
3 years, 2 months ago
I think the part that reads "One recommendation is to block communication between endpoint PCs" is there to throw us off. This doesn't even seem like a good recommendation here. If you remove that sentence and read the question as "...must improve its network security posture in ways that do not require additional resources to implement data isolation. Which of the following would be the BEST solution?" network segmentation makes better sense. EDR is an additional resource/solution that the organization would have to acquire, which the question says is NOT an option. EDR isn't even an isolation solution. Now, IF we were looking into how to implement the given recommendation of blocking communication between endpoint PCs, then B could be an option. But this is NOT what the question is asking for.
upvoted 1 times
D1960
3 years, 7 months ago
Note: B. Configuring **a** host-based firewall. Maybe it's just bad wording. But wouldn't you have to configure the host firewalls on *all* the endpoints? Not just *a* host-based firewall.
upvoted 1 times
zapato
3 years, 2 months ago
D is correct as they are trying to block communication between the merged companies. So keeping each company in its own VLAN won't allow the traffic.
upvoted 1 times
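
Added example, not part of any commenter's post: a small Python model of the two controls argued over in this thread, VLAN segmentation with no inter-VLAN routing and an allow-list host firewall with an explicit deny on every endpoint, listing which PC-to-PC flows each one leaves open. Host names, addresses, VLAN IDs and the allow-list are constructed assumptions.

```python
from itertools import permutations

# Constructed sample environment (not from the thread): name -> (IP, VLAN ID).
HOSTS = {
    "pc-a1": ("10.0.10.11", 10),
    "pc-a2": ("10.0.10.12", 10),
    "pc-b1": ("10.0.20.11", 20),
    "srv-a": ("10.0.10.5", 10),
}
ENDPOINTS = ("pc-a1", "pc-a2", "pc-b1")
# Assumed allow-list pushed to every endpoint: gateways and the authorized server.
ALLOWED_PEERS = {"10.0.10.1", "10.0.20.1", "10.0.10.5"}


def vlan_permits(src, dst):
    """Segmentation only: frames are delivered inside a VLAN at Layer 2;
    crossing VLANs needs routing, which this model leaves disabled."""
    return HOSTS[src][1] == HOSTS[dst][1]


def host_fw_permits(src, dst):
    """Allow-list plus explicit deny on each endpoint. The flow must pass
    the sender's outbound check and the receiver's inbound check."""
    def passes(local, remote):
        if local not in ENDPOINTS:      # servers are not filtered in this model
            return True
        return HOSTS[remote][0] in ALLOWED_PEERS
    return passes(src, dst) and passes(dst, src)


def open_pc_to_pc_flows(*controls):
    """Endpoint-to-endpoint flows that every given control still permits."""
    return [(s, d) for s, d in permutations(ENDPOINTS, 2)
            if all(c(s, d) for c in controls)]


if __name__ == "__main__":
    print("VLANs only:        ", open_pc_to_pc_flows(vlan_permits))
    print("host firewall only:", open_pc_to_pc_flows(host_fw_permits))
    print("pc-a1 -> srv-a via firewall:", host_fw_permits("pc-a1", "srv-a"))
```

Passing both controls to `open_pc_to_pc_flows` shows the layered result.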