CAS-002.pdf - CompTIA CAS-002 CompTIA Advanced Security...


CAS-002 CompTIA CompTIA Advanced Security Practitioner (CASP)
QUESTION: 231 A security administrator was recently hired in a start-up company to represent the interest of security and to assist the network team in improving security in the company. The programmers are not on good terms with the security team and do not want to be distracted with security issues while they are working on a major project. Which of the following is the BEST time to make them address security issues in the project? C
QUESTION: 232 A well-known retailer has experienced a massive credit card breach. The retailer had gone through an audit and had been presented with a potential problem on their network. Vendors were authenticating directly to the retailer’s AD servers, and an improper firewall rule allowed pivoting from the AD server to the DMZ where credit card servers were kept. The firewall rule was needed for an internal application that was developed, which presents risk. The retailer determined that, because the vendors were required to have site-to-site VPNs, no other security action was taken. To prove to the retailer the monetary value of this risk, which of the following types of calculations is needed? C
