CAS-003 Exam Question 76

An infrastructure team is at the end of a procurement process and has selected a vendor.
As part of the final negotiations, there are a number of outstanding issues, including:
1. Indemnity clauses have identified the maximum liability
2. The data will be hosted and managed outside of the company's geographical location

The number of users accessing the system will be small, and no sensitive data will be hosted in the solution. As the security consultant on the project, which of the following should the project's security consultant recommend as the NEXT step?
  • CAS-003 Exam Question 77

    Drag and drop the cloud deployment model to the associated use-case scenario. Options may be used only once or not at all.

  • CAS-003 Exam Question 78

    A software development manager is running a project using agile development methods. The company
    cybersecurity engineer has noticed a high number of vulnerabilities have been making it into production
    code on the project.
    Which of the following methods could be used in addition to an integrated development environment to
    reduce the severity of the issue?
  • CAS-003 Exam Question 79

    The Chief Executive Officer (CEO) of a company that allows telecommuting has challenged the Chief Security Officer's (CSO) request to harden the corporate network's perimeter. The CEO argues that the company cannot protect its employees at home, so the risk at work is no different.
    Which of the following BEST explains why this company should proceed with protecting its corporate network boundary?
  • CAS-003 Exam Question 80

    A security administrator wants to implement two-factor authentication for network switches and routers. The solution should integrate with the company's RADIUS server, which is used for authentication to the network infrastructure devices. The security administrator implements the following:
    * An HOTP service is installed on the RADIUS server.
    * The RADIUS server is configured to require the HOTP service for authentication.
    The configuration is successfully tested using a software supplicant and enforced across all network devices.
    Network administrators report they are unable to log onto the network devices because they are not being prompted for the second factor.
    Which of the following should be implemented to BEST resolve the issue?