CompTIA Security+ (SY0-501) — Question 767

A Chief Information Security Officer (CISO) asks the security architect to design a method for contractors to access the company's internal wiki, corporate directory, and email services securely without allowing access to systems beyond the scope of their project. Which of the following methods would BEST fit the needs of the CISO?

Answer options

• A. VPN
• B. PaaS
• C. IaaS
• D. VDI

Correct answer: A

Explanation

A VPN is the most suitable option as it allows secure remote access to specific company resources while keeping contractors' access confined to only what is necessary for their projects. PaaS and IaaS are cloud service models that do not directly address secure access to internal resources. VDI provides a virtual desktop environment but is not specifically designed for controlled access to limited resources.