CompTIA CASP+ (CAS-004) — Question 616

The Chief Information Security Officer is concerned about the possibility of employees downloading malicious files from the internet and opening them on corporate workstations. Which of the following solutions would be BEST to reduce this risk?

Answer options

• A. Integrate the web proxy with threat intelligence feeds.
• B. Scan all downloads using an antivirus engine on the web proxy.
• C. Block known malware sites on the web proxy.
• D. Execute the files in the sandbox on the web proxy.

Correct answer: D

Explanation

Executing files in a sandbox on the web proxy allows for safe analysis of potentially harmful files without risking the corporate environment. While integrating threat intelligence and scanning downloads are useful, they do not provide the same level of isolation from threats. Blocking known malware sites helps but does not address unknown threats that could still be downloaded.