CAS-005 Exam Question 16
Which of the following best explains the business requirement a healthcare provider fulfills by encrypting patient data at rest?
CAS-005 Exam Question 17
A security engineer is reviewing the results of an annual penetration test. The report lists one of the results as "critical severity" on several domain-joined workstations:
SSL/TLS Weak Protocols Supported TLS 1.0, TLS 1.1
Which of the following should the security engineer implement to remediate this finding in the most centralized manner?
SSL/TLS Weak Protocols Supported TLS 1.0, TLS 1.1
Which of the following should the security engineer implement to remediate this finding in the most centralized manner?
CAS-005 Exam Question 18
An organization decides to move to a distributed workforce model. Several legacy systems exist on premises and cannot be migrated because of existing compliance requirements. However, all new systems are required to be cloud-based. Which of the following would best ensure network access security?
CAS-005 Exam Question 19
As part of a security audit in the software development life cycle, a product manager must demonstrate and provide evidence of a complete representation of the code and modules used within the production-deployed application prior to the build. Which of the following best provides the required evidence?
CAS-005 Exam Question 20
An organization with a remote workforce has a new client with the following requirements:
- Consultants need to travel to the client site.
- The company has proprietary information on its hard drives.
- The company prohibits BYOD.
Which of the following would be the most beneficial for the organization to implement?
- Consultants need to travel to the client site.
- The company has proprietary information on its hard drives.
- The company prohibits BYOD.
Which of the following would be the most beneficial for the organization to implement?