1. A security company is writing a response to an RFP from a customer that is building a new network-based software product. The company's expertise is penetration testing of enterprise networks. The RFP explicitly asks for testing of all possible behaviors of the product, but does not specify a particular method for achieving this goal. Which of the following should be used to ensure the security and functionality of the product? (Choose two)
A) Gray box testing B) Penetration testing C) White-box testing D) Code review E) Code signing
2. A security engineer receives an incident ticket from the service desk stating that DNS lookup requests are not working from the office. The network team has verified that Layer 2 and Layer 3 connectivity works. Which of the following tools would the security engineer use to verify that the DNS server is listening on port 53?
A) NESSUS B) NSLOOKUP C) NMAP D) None E) PING
3. The Chief Executive Officer (CEO) of an internet service provider (ISP) has decided to reduce the company's contribution to global Distributed Denial of Service (DDoS) attacks. Which of the following should the ISP implement? (Choose two)
A) Notify customers when services they run are involved in an attack. B) Scan the ISP's customer networks using an up-to-date vulnerability scanner. C) Block traffic with a source IP not allocated to customers from leaving the ISP's network. D) Block traffic from the ISP's networks destined for blacklisted IPs. E) Prevent ISP customers from querying DNS servers other than those offered by the ISP.
4. A security engineer is responsible for monitoring business applications for known vulnerabilities. Which of the following is a way to stay current on exploit news and information?
A) Subscribe to security mailing lists B) Implement security awareness training C) Update company policies and procedures D) None E) Ensure the organization's vulnerability management plan is up to date
5. A software project manager includes a customer requirement to set limits on the types of transactions a particular user may initiate without external interaction with another user who has elevated privileges. This requirement is best described as an implementation of:
A) Dual control B) Administrative control C) Least privilege D) Separation of duties E) Collusion