The director of sales asked the development team for some small changes to increase the usability of an application used by the sales team. Prior security reviews of the code showed no significant vulnerabilities, and since the changes were small, they were given a peer review and then pushed to the live environment. Subsequent vulnerability scans now show numerous flaws that were not present in the previous versions of the code. Which of the following is an SDLC best practice that should have been followed?
Answer(s): B
An organization is engaged in international business operations and is required to comply with various legal frameworks. In addition to changes in legal frameworks, which of the following is a primary purpose of a compliance management program?
Answer(s): C
Company.org has requested a black-box security assessment be performed on key cyber terrain. One area of concern is the company’s SMTP services. The security assessor wants to run reconnaissance before taking any additional action and wishes to determine which SMTP server is Internet-facing. Which of the following commands should the assessor use to determine this information?
Answer(s): A
A medical device company is implementing a new COTS antivirus solution in its manufacturing plant. All validated machines and instruments must be retested for interoperability with the new software. Which of the following would BEST ensure the software and instruments are working as designed?
Nathan commented on April 20, 2020: I appreciate that you provide the Xengine software for free. But are you planning to keep it free! I really hope so! GERMANY