CompTIA CASP+ (CAS-004) — Question 339

A cloud security architect has been tasked with finding a solution for hardening VMs. The solution must meet the following requirements:

• Data needs to be stored outside of the VMs.
• No unauthorized modifications to the VMs are allowed.
• If a change needs to be done, a new VM needs to be deployed.

Which of the following is the best solution?

Answer options

• A. Immutable system
• B. Data loss prevention
• C. Storage area network
• D. Baseline template

Correct answer: A

Explanation

The correct answer is A, Immutable system, as it ensures that once a VM is created, it cannot be modified, meeting the requirement for no unauthorized changes. Options B, C, and D do not fully address the need for preventing modifications to VMs and the requirement to use a new VM for changes.