CompTIA CASP+ (CAS-004) — Question 222

An architect is designing security scheme for an organization that is concerned about APTs. Any proposed architecture must meet the following requirements:

• Services must be able to be reconstituted quickly from a known-good state.
• Network services must be designed to ensure multiple diverse layers of redundancy.
• Defensive and responsive actions must be automated to reduce human operator demands.

Which of the following designs must be considered to ensure the architect meets these requirements? (Choose three.)

Answer options

• A. Increased efficiency by embracing advanced caching capabilities
• B. Geographic distribution of critical data and services
• C. Hardened and verified container usage
• D. Emulated hardware architecture usage
• E. Establishment of warm and hot sites for continuity of operations
• F. Heterogeneous architecture
• G. Deployment of IPS services that can identify and block malicious traffic
• H. Implementation and configuration of a SOAR

Correct answer: B, C, H

Explanation

The correct options, B, C, and H, are essential as they directly address the requirements for rapid restoration, redundancy, and automation. Geographic distribution (B) ensures service availability, hardened container usage (C) protects against vulnerabilities, and SOAR (H) automates responses to threats. The other options either don't directly align with the stated requirements or focus on aspects that are not prioritized in this scenario.