CompTIA SecurityX (CAS-005) — Question 148

A security architect is establishing requirements to design resilience in an enterprise system that will be extended to the company's other physical locations. The system must:

• Be survivable to one environmental catastrophe.
• Be recoverable within 24 hours of critical loss of availability.
• Be resilient to active exploitation of one site-to-site VPN solution.

Which of the following design components best meet these requirements while upholding security? (Choose two.)

Answer options

• A. Load-balance connection attempts and data egress at internet gateways.
• B. Allocate fully redundant and geographically distributed standby sites.
• C. Employ layering of routers from diverse vendors.
• D. Lease space to establish cold sites throughout other countries.
• E. Deploy redundant identity provider solutions.
• F. Implement full weekly backups to be stored off-site for each of the company's sites.

Correct answer: B, E

Explanation

Option B is correct because having fully redundant and geographically distributed standby sites ensures that the system can survive environmental catastrophes and facilitates quick recovery. Option E is also correct as deploying redundant identity provider solutions supports resilience against exploitation. The other options, while they may improve certain aspects of the system, do not directly address the specified requirements of survivability and recovery within the outlined constraints.