CompTIA SecurityX (CAS-005) — Question 246

A hotel chain wants to use point-of-sale systems to allow customers to check in and out of their rooms without employee assistance. These systems should limit access to a specific set of programs approved to run, with all other programs blocked. Which of the following should the company configure to best support this goal?

Answer options

• A. Application control using a fresh image, with the applications fully configured as a baseline to build and block other applications from execution
• B. A host-based intrusion detection system to monitor and block all suspicious activities if they occur on the systems
• C. Anti-malware on these systems and only approved application file locations can be bypassed
• D. Event logs to be collected from the systems for all security events and some custom application logs

Correct answer: A

Explanation

The correct answer is A because application control with a fresh image ensures that only the specified applications are allowed to run, effectively blocking all others. Options B, C, and D do not provide the same level of control over application execution, as they focus on monitoring or additional security measures rather than directly restricting application access.