CompTIA CASP+ (CAS-004) — Question 313
An organization recently completed a security controls assessment. The results highlighted the following vulnerabilities:
• Out-of-date definitions
• Misconfigured operating systems
• An inability to detect active attacks
• Unimpeded access to critical servers’ USB ports
Which of the following will most likely reduce the risks that were identified by the assessment team?
Answer options
- A. Install EDR on endpoints, configure group policy, lock server room doors, and install a camera system with guards watching 24/7.
- B. Create an information security program that addresses user training, perform weekly audits of user workstations, and utilize a centralized configuration management program.
- C. Update antivirus definitions, install NGFW with logging enabled, use USB port lockers, and run SCAP scans weekly.
- D. Implement a vulnerability management program and a SIEM tool with alerting, install a badge system with zones, and restrict privileged access.
Correct answer: C
Explanation
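Option C is correct because each of its controls maps to one of the findings: updating antivirus definitions addresses the out-of-date definitions, weekly SCAP scans address the misconfigured operating systems, a next-generation firewall (NGFW) with logging enabled addresses the inability to detect active attacks, and USB port lockers address the unimpeded access to critical servers' USB ports. The other options may enhance the overall security posture, but none of them specifically targets all of the highlighted risks.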