A company is in the process of outsourcing its customer relationship management system to a cloud provider. It will host the entire organization’s customer
database. The database will be accessed by both the company’s users and its customers. The procurement department has asked what security activities must be
performed for the deal to proceed. Which of the following are the MOST appropriate security activities to be performed as part of due diligence? (Select TWO).
A. Physical penetration test of the datacenter to ensure there are appropriate controls.
B. Penetration testing of the solution to ensure that the customer data is well protected.
C. Security clauses are implemented into the contract such as the right to audit.
D. Review of the organization’s security policies, procedures and relevant hosting certifications.
E. Code review of the solution to ensure that there are no back doors located in the software.