CASP questions with correct answers

A company has hired a new Chief Financial Officer (CFO) who has requested to be shown the ALE for a project implemented 4 years ago. The project had implemented a clustered pair of high end firewalls that cost $164,000 each at the beginning of the project. 2 years after the project was implemented, two line cards were added to each firewall that cost $3,000 each. The ARO of a fire in the area is 0.1, and the EF for a fire is 50%. Given that no fire has occurred since implementation, which of the following is the ALE? - Answer D. The ALE is 8,500 A project manager needs to decide between options to proceed with implementation. The three options are outlined as: Option 1: Cost to implement: $2,000. SLE: $4,000. Likelihood of occurrence: once per quarter Option 2: Cost to implement: $5,000. SLE: $4,000. Likelihood of occurrence: once every two years Option 3: Cost to implement: $1,000. SLE: $1,000. Likelihood of occurrence: once every 6 months Which of the following options gives the LOWEST TCO? - Answer Option 3 - CTE:1000, SLE:1000 When reviewing the various logs on a mission-critical application server, the server administrator first reviews the system log and determines that everything appears normal. Next, the administrator reviews the security log and finds a period of eight hours where no events have been recorded. What is the MOST likely explanation? - Answer D. Audit logging has been turned off. The online banking credentials of the Chief Executive Officer (CEO) of a research company were recently compromised. Despite the fact that banks no longer require frequent password changes, the CEO frequently changed this password. Now, because of the experience, the CEO questions the value of routine password changes at the company. Which of the following communicates the BEST approach for the company's security policies? - Answer C. The nature of the research company's threat may be different from banks, so the company should consider the specific threats it needs to address.