CompTIA SecurityX (CAS-005) — Question 199

A company isolates its ОТ systems from other areas of the corporate network. These systems are required to report usage information over the internet to the vendor. Which of the following best prevents compromise or sabotage? (Choose two.)

Answer options

• A. Implementing allow lists
• B. Monitoring network behaviors
• C. Encrypting data at rest
• D. Performing boot integrity checks
• E. Executing daily health checks
• F. Implementing a site-to-site IPSec VPN

Correct answer: A, F

Explanation

Implementing allow lists controls which entities can access the OT systems, reducing the risk of unauthorized access. A site-to-site IPSec VPN encrypts the data transmitted over the internet, ensuring that the usage information is secure during transit. The other options, while useful, do not provide the same level of protection against both unauthorized access and data interception.