CompTIA CASP+ (CAS-004) — Question 297

A security administrator needs to implement a security solution that will:

• Limit the attack surface in case of an incident.
• Improve access control for external and internal network security.
• Improve performance with less congestion on network traffic.

Which of the following should the security administrator do?

Answer options

• A. Integrate threat intelligence feeds into the FIM.
• B. Update firewall rules to match new IP addresses in use.
• C. Configure SIEM dashboards to provide alerts and visualizations.
• D. Deploy DLP rules based on updated PII formatting.

Correct answer: B

Explanation

The correct answer is B because updating firewall rules to match new IP addresses helps limit the attack surface and ensures proper access control by allowing only legitimate traffic. The other options, while beneficial for security, do not directly address the needs of limiting the attack surface and improving performance as effectively as updating firewall rules does.