
CompTIA CySA+ 2023 Questions and Answers - Part 15

Mary Mary Smith
03 Mar 2023

1. A security analyst received several service tickets reporting that a company storefront website is not accessible by internal domain users. However, external users are accessing the website without issue. Which of the following is the MOST likely reason for this behavior?

A) The certificate is expired.
B) The DNS server is corrupted.
C) The FQDN is incorrect.
D) The time synchronization server is corrupted.



2. The development team recently moved a new application into production for the accounting department. After this occurred, the Chief Information Officer (CIO) was contacted by the head of accounting because the application is missing a key piece of functionality that is needed to complete the corporation's quarterly tax returns. Which of the following types of testing would help prevent this from reoccurring?

A) Security regression testing
B) Input validation testing
C) Static code testing
D) User acceptance testing



3. A software assurance lab is performing a dynamic assessment on an application by automatically generating and inputting different, random data sets to attempt to cause an error/failure condition. Which of the following software assessment capabilities is the lab performing AND during which phase of the SDLC should this occur? (Select two.)

A) Requirements phase
B) Fuzzing
C) Planning phase
D) Static code analysis
E) Prototyping phase
F) Behavior modeling

4. An analyst is preparing for a technical security compliance check on all Apache servers. Which of the following will be the BEST to use?

A) CIS benchmark
B) Untidy
C) Cain & Abel
D) OWASP
E) Nagios


5. The board of directors made the decision to adopt a cloud-first strategy. The current security infrastructure was designed for on-premise implementation. A critical application that is subject to the Federal Information Security Management Act (FISMA) of 2002 compliance has been identified as a candidate for a hybrid cloud deployment model. Which of the following should be conducted FIRST?

A) Perform a risk assessment.
B) Review the SLA for FISMA compliance.
C) Review current security controls.
D) Develop a request for proposal.



1. Right Answer: B
Explanation:

2. Right Answer: D
Explanation:

3. Right Answer: B,E
Explanation: Reference: http://www.brighthub.com/computing/smb-security/articles/9956.aspx

4. Right Answer: A
Explanation:

5. Right Answer: C
Explanation:
