CASP CAS 003 Practice Questions with correct answers
The Chief Information Officer (CIO) is reviewing the IT centric BIA and RA documentation. The documentation shows that a single 24 hours downtime in a critical business function will cost the business $2.3 million. Additionally, the business unit which depends on the critical business function has determined that there is a high probability that a threat will materialize based on historical data. The CIO's budget does not allow for full system hardware replacement in case of a catastrophic failure, nor does it allow for the purchase of additional compensating controls. Which of the following should the CIO recommend to the finance director to minimize financial loss? - Answer The company should transfer the risk. The latest independent research shows that cyber-attacks involving SCADA systems grew an average of 15% per year in each of the last four years, but that this year's growth has slowed to around 7%. Over the same time period, the number of attacks against applications has decreased or stayed flat each year. At the start of the measure period, the incidence of PC boot loader or BIOS based attacks was negligible. Starting two years ago, the growth in the number of PC boot loader attacks has grown exponentially. Analysis of these trends would seem to suggest which of the following strategies should be employed? - Answer Spending on SCADA security controls should stay steady; application control spending should decrease slightly and spending on PC boot loader protections should increase substantially A security administrator has noticed that an increased number of employees' workstations are becoming infected with malware. The company deploys an enterprise antivirus system as well as a web content filter, which blocks access to malicious web sites where malware files can be downloaded. Additionally, the company implements technical measures to disable external storage. Which of the following is a technical control that the security administrator should implement next to reduce malware infection? - Answer Block cloud-based storage software on the company network
Escuela, estudio y materia
- Institución
- CASP - Comptia Advanced Security Practitioner
- Grado
- CASP - Comptia Advanced Security Practitioner
Información del documento
- Subido en
- 26 de mayo de 2023
- Número de páginas
- 46
- Escrito en
- 2022/2023
- Tipo
- Examen
- Contiene
- Preguntas y respuestas
Temas
-
casp cas 003 practice questions with correct answers
Documento también disponible en un lote
