Which of the following can the security administrator d…

A security administrator wants to verify and improve the security of a business process which is tied to proven
company workflow. The security administrator was able to improve security by applying controls that were
defined by the newly released company security standard. Such controls included code improvement, transport
encryption, and interface restrictions. Which of the following can the security administrator do to further
increase security after having exhausted all the technical controls dictated by the company’s security standard?


A. Modify the company standard to account for higher security and meet with upper management for approval
to implement the new standard.

B. Conduct a gap analysis and recommend appropriate non-technical mitigating controls, and incorporate the
new controls into the standard.

C. Conduct a risk analysis on all current controls, and recommend appropriate mechanisms to increase overall
security.

D. Modify the company policy to account for higher security, adapt the standard accordingly, and implement
new technical controls.




Tessitore


Congrats! Passed CAS-002 exam two days ago.

Total 77 questions, started with 10 SIMs: configuring the firewall ACL, placing equipment in the network to stop attacks, and so on.

I mainly learned the CASP Cert Guide books and practised PassLeader CAS-002 dumps with 900q (new version, helped a lot for my passing).

Dumps on this site are not valid, only 2 SIMs and few MCQs are from them, other 8 SIMs and many MCQs are missing!!!

Recommend to practise PassLeader 900q CAS-002 dumps, especially the last 240 questions. Here you can get PassLeader CAS-002 dumps:

http://www.comptiadump.com/category/comptia-advanced-security-practitioner-casp-certification/cas-002-dumps

GOOD LUCK!!