CompTIA CASP+ (CAS-004) — Question 182
A city government's IT director was notified by the city council that the following cybersecurity requirements must be met to be awarded a large federal grant:
• Logs for all critical devices must be retained for 365 days to enable monitoring and threat hunting.
• All privileged user access must be tightly controlled and tracked to mitigate compromised accounts.
• Ransomware threats and zero-day vulnerabilities must be quickly identified.
Which of the following technologies would BEST satisfy these requirements? (Choose three.)
Answer options
- A. Endpoint protection
- B. Log aggregator
- C. Zero trust network access
- D. PAM
- E. Cloud sandbox
- F. SIEM
- G. NGFW
Correct answer: A, D, F
Explanation
The correct answers are Endpoint protection, PAM, and SIEM: together they address the requirements for log retention, access control for privileged users, and rapid identification of threats. Log aggregator and Cloud sandbox focus on different aspects of security and do not directly meet all of the specified requirements, while NGFW primarily provides network security without addressing the specific logging and access control needs outlined.