CompTIA CASP+ (CAS-003) — Question 77

An engineer is assisting with the design of a new virtualized environment that will house critical company services and reduce the datacenter's physical footprint.
The company has expressed concern about the integrity of operating systems and wants to ensure a vulnerability exploited in one datacenter segment would not lead to the compromise of all others. Which of the following design objectives should the engineer complete to BEST mitigate the company's concerns? (Choose two.)

Answer options

• A. Deploy virtual desktop infrastructure with an OOB management network
• B. Employ the use of vTPM with boot attestation
• C. Leverage separate physical hardware for sensitive services and data
• D. Use a community CSP with independently managed security services
• E. Deploy to a private cloud with hosted hypervisors on each physical machine

Correct answer: A, C

Explanation

The correct answers are A and C because deploying virtual desktop infrastructure with an OOB management network helps isolate management traffic, reducing the risk of compromise across segments. Additionally, using separate physical hardware for sensitive services ensures that even if one segment is compromised, others remain secure. The other options do not provide the same level of physical separation or isolation needed to mitigate the company's security concerns.