A company is transitioning to a new VDI environment, and a system engineer is responsible for developing a sustainable security strategy for the VDIs.
Which of the following is the MOST appropriate order of steps to be taken?
A. Firmware update, OS patching, HIDS, antivirus, baseline, monitoring agent
B. OS patching, baseline, HIDS, antivirus, monitoring agent, firmware update
C. Firmware update, OS patching, HIDS, antivirus, monitoring agent, baseline
D. Baseline, antivirus, OS patching, monitoring agent, HIDS, firmware update
How to PASS CAS-004 in First Attempt?FULL Printable PDF and Software. VALID exam to help you PASS. |
 |
A. Hardware, Software, Intrusion Detection, AV, baseline, monitoring agent
You must have everything lined up and ready with a baseline for monitor agent to measure what is normal and what is not. So monitoring agent is last.
I’m split between A and C…
On one hand you can use monitoring agents to monitor the baseline (A)
OR
The monitoring agents comes first to create the baseline (C)
Chicken or the egg?
I believe it’s A – Firmware update, OS patching, HIDS, antivirus, baseline, monitoring agent.
CompTIA CASP official prep course:
“A security baseline is a group of security configuration settings that apply to a particular system in the enterprise. In general, you create a baseline by measuring what the state of a system should be using metrics. These metrics should be relevant to the system and should be effective at measuring the performance of its configurations. The baseline is then used as a reference point in future analysis, as it helps you define the optimum level of security for any type of system. Because each baseline configuration is specific to a particular type of system, you will have separate baselines defined for desktop clients, file and print servers, Domain Name System (DNS)/BIND servers, application servers, directory services servers, and many other types of systems. ”
Explanation: I would establish a baseline before installing the monitoring agent, since the monitoring agent has no importance to security configuration settings.
C. Firmware update, OS patching, HIDS, antivirus, monitoring agent, baseline
can you explain why monitoring agent before baseline?
Is the monitoring agent before or after the baseline?
i thought after as it would be the minimum security requirement…