Secure Communication Solutions for Remote Military Missions | CAS-003 Exam Answer

The Most Concerning Element in Government's Security Solutions for Remote Military Missions

Question

The government is concerned with remote military missions being negatively impacted by the use of technology that may fail to protect operational security.

To remediate this concern, a number of solutions have been implemented, including the following: -> End-to-end encryption of all inbound and outbound communication, including personal email and chat sessions that allow soldiers to securely communicate with families.

-> Layer 7 inspection and TCP/UDP port restriction, including firewall rules to only allow TCP port 80 and 443 and approved applications -> A host-based whitelist of approved websites and applications that only allow mission-related tools and sites -> The use of satellite communication to include multiple proxy servers to scramble the source IP address Which of the following is of MOST concern in this scenario?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

B.

The scenario described is about addressing concerns of operational security during remote military missions. To remediate these concerns, various solutions have been implemented, such as end-to-end encryption of all communication, layer 7 inspection, TCP/UDP port restrictions, host-based whitelisting of approved websites and applications, and the use of satellite communication with multiple proxy servers to scramble source IP addresses.

The question asks for the MOST concerning issue in the given scenario, among the following options:

A. The unsecure port 80 being used for general web traffic B. Family members posting geotagged images on social media that were received via email from soldiers C. The effect of communication latency that may negatively impact real-time communication with mission control D. The use of centrally managed military network and computers by soldiers when communicating with external parties.

Option A: The unsecure port 80 being used for general web traffic This option is about the use of an unsecured port for general web traffic. It is stated in the scenario that only TCP port 80 and 443 (HTTPS) are allowed, which means that port 80 is likely being used for unencrypted web traffic. While unencrypted web traffic could be intercepted and potentially used to gather information about the military mission, it is not the MOST concerning issue, given that the other measures in place (such as end-to-end encryption and layer 7 inspection) mitigate this risk to some extent. Therefore, option A is not the correct answer.

Option B: Family members posting geotagged images on social media that were received via email from soldiers This option is about the risk of geotagged images posted on social media by family members who received them from soldiers via email. Geotagged images can reveal the location of soldiers, which is a security risk. While this is a valid concern, it is not the MOST concerning issue in the scenario, as it is outside the control of the military mission and its communication protocols. The military can provide training to soldiers and their families to raise awareness of this issue, but ultimately, it is up to individuals to act responsibly. Therefore, option B is not the correct answer.

Option C: The effect of communication latency that may negatively impact real-time communication with mission control This option is about the impact of communication latency on real-time communication with mission control. Communication latency refers to the delay in transmitting data over a network. In the context of military operations, latency can have serious consequences, such as delays in receiving critical information, which can negatively impact the success of the mission. Therefore, communication latency is a valid concern, but it is not the MOST concerning issue in the scenario, as the other measures in place (such as end-to-end encryption and layer 7 inspection) are more directly related to operational security. Therefore, option C is not the correct answer.

Option D: The use of centrally managed military network and computers by soldiers when communicating with external parties This option is about the use of centrally managed military network and computers by soldiers when communicating with external parties. This is a valid concern because if soldiers use centrally managed computers to communicate with external parties, they may inadvertently compromise operational security. For example, they may unintentionally disclose sensitive information or download malware that could compromise the mission. Therefore, option D is the MOST concerning issue in the scenario, as it is a direct threat to operational security.

In conclusion, the correct answer is option D: the use of centrally managed military network and computers by soldiers when communicating with external parties.