CompTIA CASP+ (CAS-003) — Question 190

An organization is considering the use of a thin client architecture as it moves to a cloud-hosted environment. A security analyst is asked to provide thoughts on the security advantages of using thin clients and virtual workstations.
Which of the following are security advantages of the use of this combination of thin clients and virtual workstations?

Answer options

• A. Malicious insiders will not have the opportunity to tamper with data at rest and affect the integrity of the system.
• B. Thin client workstations require much less security because they lack storage and peripherals that can be easily compromised, and the virtual workstations are protected in the cloud where security is outsourced.
• C. All thin clients use TPM for core protection, and virtual workstations use vTPM for core protection with both equally ensuring a greater security advantage for a cloud-hosted environment.
• D. Malicious users will have reduced opportunities for data extractions from their physical thin client workstations, this reducing the effectiveness of local attacks.

Correct answer: B

Explanation

Option B is correct because thin clients typically do not store data locally, which minimizes the risk of data compromise, and virtual workstations benefit from cloud security measures. Options A and D focus on threats that thin clients mitigate but do not explain the significant advantage of reduced local attack surfaces. Option C incorrectly asserts that all thin clients utilize TPM, which is not universally true.