CompTIA SecurityX (CAS-005) — Question 93

A security administrator is performing a gap assessment against a specific OS benchmark. The benchmark requires the following configurations be applied to endpoints:

• Full disk encryption
• Host-based firewall
• Time synchronization
• Password policies
• Application allow listing
• Zero Trust application access

Which of the following solutions best addresses the requirements? (Choose two.)

Answer options

• A. MDM
• B. CASB
• C. SBoM
• D. SCAP
• E. SASE
• F. HIDS

Correct answer: A, E

Explanation

MDM (Mobile Device Management) is effective for enforcing full disk encryption and password policies on endpoints, while SASE (Secure Access Service Edge) supports Zero Trust application access and can integrate with firewalls. The other options, such as CASB, SBoM, SCAP, and HIDS, do not comprehensively address all the required configurations outlined in the benchmark.