CompTIA CASP+ (CAS-004) — Question 472

A recent risk assessment revealed that users transferred data to and from unauthorized sites through terminal services. The security team needs to implement technical controls that allow specific employees to connect remotely and securely throughout the network. Which of the following data security techniques should the team use? (Choose two.)

Answer options

• A. Web content filter
• B. Bastion host
• C. Network traffic decryption/deep packet inspection
• D. Tokenization
• E. Data masking
• F. Blocking the use of external media

Correct answer: A, B

Explanation

The Web content filter (A) helps prevent users from accessing unauthorized sites by filtering web traffic, while the Bastion host (B) provides a secure gateway for remote connections. The other options, such as Network traffic decryption/deep packet inspection (C), Tokenization (D), Data masking (E), and Blocking the use of external media (F), do not specifically address the need to control remote access to the network securely.