SecurityX CAS-005 cloud architecture guidance emphasizes horizontal scaling for workloads that need to handle both predictable and fluctuating growth over time. Horizontal scaling allows the infrastructure to add nodes for both compute and storage dynamically, providing elasticity to meet fluctuating computational demands while accommodating exponential storage growth.
* Vertical scaling (B) has hardware limits and is not as flexible for large, sustained growth.
* CDN (A) is optimized for content distribution, not intensive compute workloads.
* Load balancing (C) distributes workloads but does not address scaling for data growth.

A Configuration Management Database (CMDB) provides the best foundation for identifying which specific assets are affected by a given vulnerability. A CMDB maintains detailed information about the IT environment, including hardware, software, configurations, and relationships between assets. This comprehensive view allows organizations to quickly identify and address vulnerabilities affecting specific assets.
References:
* CompTIA SecurityX Study Guide: Discusses the role of CMDBs in asset management and vulnerability identification.
* ITIL (Information Technology Infrastructure Library) Framework: Recommends the use of CMDBs for effective configuration and asset management.
* "Configuration Management Best Practices" by Bob Aiello and Leslie Sachs: Covers the importance of CMDBs in managing IT assets and addressing vulnerabilities.

Forward secrecy (FS) ensures that past encrypted data remains secure even if encryption keys are compromised in the future. Itgenerates ephemeral session keys that are not reused.
Other options:
A (Tokenization) replaces sensitive data with tokens but does not prevent key compromise.
B (Key stretching) makes brute-force attacks harder but does not ensure secrecy after compromise.
D (Simultaneous Authentication of Equals - SAE) is used in WPA3 but is not related to past communication security.
Reference: CASP+ CAS-005 - Cryptographic Concepts and Key Management

The "cipher unavailable" message indicates that the client and server could not agree on a common cipher suite. After the OpenSSL update, the server likely dropped support for older, insecure ciphers (such as RC4 or
3DES) that legacy clients still use. The safest remediation is to update or configure the client applications to support modern, secure ciphers such as AES in Galois/Counter Mode (AES-GCM) or an equivalent strong cipher suite that is supported by the updated OpenSSL server.
* Option A (SSL 3.0) is unsafe because SSL 3.0 is deprecated and vulnerable to multiple attacks (e.g., POODLE).
* Option C (ECB mode) is insecure due to pattern leakage and should never be enforced.
* Option D (ECC signatures) relates to key exchange and signatures, not to the "cipher unavailable" issue directly.
This approach aligns with SecurityX CAS-005 cryptographic interoperability guidance-modernize clients rather than reintroduce insecure protocols.

The SIEM report shows that some devices, such as VM003 (Critical server) and NET003 (IPS), are DOWN and therefore not reporting logs. In security monitoring, the absence of log data from critical systems creates dangerous blind spots. If logs are missing, attacks can proceed undetected, or investigations may lack the data needed for incident response.
The most effective action is to perform a non-reporting device assessment (C). This means identifying and correcting issues where devices fail to send logs, whether due to outages, misconfigurations, or integration gaps. Ensuring all critical devices, especially servers and intrusion prevention systems, consistently send logs to the SIEM strengthens overall visibility and monitoring posture.
Option A (time calibration) is important for correlation accuracy but does not address missing log feeds.
Option B (centralized use case library) enhances detection but only works if the SIEM is receiving complete data. Option D (resiliency plan) helps protect log retention but is irrelevant if logs are never received in the first place.
Therefore, fixing non-reporting log sources is the highest priority to improve monitoring effectiveness.