CompTIA CASP+ (CAS-003) — Question 359

A security analyst works for a defense contractor that produces classified research on drones. The contractor faces nearly constant attacks from sophisticated nation-state actors and other APIs.
Which of the following would help protect the confidentiality of the research data?

Answer options

• A. Use diverse components in layers throughout the architecture
• B. Implement non-heterogeneous components at the network perimeter
• C. Purge all data remnants from client devices' volatile memory at regularly scheduled intervals
• D. Use only in-house developed applications that adhere to strict SDLC security requirements

Correct answer: A

Explanation

Option A is correct because employing diverse components in layers enhances security by reducing the likelihood of a single point of failure and complicating attacks. Option B is incorrect since using non-heterogeneous components can create predictability, making the network more vulnerable. Option C, while good practice for data security, does not directly protect the confidentiality of the research data itself. Option D limits the flexibility and adaptability of the applications used, which may not provide the best security solution.