CAS-003 exam

A government entity is developing requirements for an RFP to acquire a biometric authentication system. When developing these requirements, which of the following considerations is MOST critical to the verification and validation of the SRTM?A . Local and national laws and regulationsB . Secure software development requirementsC . Environmental constraint...

A security engineer is troubleshooting an issue in which an employee is getting an IP address in the range on the wired network. The engineer plus another PC into the same port, and that PC gets an IP address in the correct range. The engineer then puts the employee’ PC...

Designing a system in which only information that is essential for a particular job task is allowed to be viewed can be accomplished successfully by using:A . mandatory vacations.B . job rotationsC . role-based access controlD . discretionary accessE . separation of dutiesView AnswerAnswer: C

A network printer needs Internet access to function. Corporate policy states all devices allowed on the network must be authenticated . Which of the following is the MOST secure method to allow the printer on the network without violating policy?A . Request an exception to the corporate policy from the...

A recent overview of the network’s security and storage applications reveals a large amount of data that needs to be isolated for security reasons. Below are the critical applications and devices configured on the network: ✑ Firewall ✑ Core switches ✑ RM server ✑ Virtual environment ✑ NAC solution The...

A new corporate policy requires that all employees have access to corporate resources on personal mobile devices. The information assurance manager is concerned about the potential for inadvertent and malicious data disclosure if a device is lost, while users are concerned about corporate overreach . Which of the following controls...

A video-game developer has received reports of players who are cheating. All game players each have five capabilities that are ranked on a scale of 1 to 10 points, with 10 total points available for balance. Players can move these points between capabilities at any time. The programming logic is...

A bank is initiating the process of acquiring another smaller bank. Before negotiations happen between the organizations, which of the following business documents would be used as the FIRST step in the process?A . MOUB . OLAC . BPAD . NDAView AnswerAnswer: D

Staff members are reporting an unusual number of device thefts associated with time out of the office. Thefts increased soon after the company deployed a new social networking app . Which of the following should the Chief Information Security Officer (CISO) recommend implementing?A . Automatic location check-insB . Geolocated presence...

The government is concerned with remote military missions being negatively being impacted by the use of technology that may fail to protect operational security. To remediate this concern, a number of solutions have been implemented, including the following: ✑ End-to-end encryption of all inbound and outbound communication, including personal email...