CompTIA
CAS-002 · Question #136
CAS-002 Question #136: Real Exam Question with Answer & Explanation
Sign in or unlock CAS-002 to reveal the answer and full explanation for question #136. The question stem and answer options stay visible for context.
Question
A newly-appointed risk management director for the IT department at Company XYZ, a major pharmaceutical manufacturer, needs to conduct a risk analysis regarding a new system which the developers plan to bring on-line in three weeks. The director begins by reviewing the thorough and well-written report from the independent contractor who performed a security assessment of the system. The report details what seem to be a manageable volume of infrequently exploited security vulnerabilities. The director decides to implement continuous monitoring and other security controls to mitigate the impact of the vulnerabilities. Which of the following should the director require from the developers before agreeing to deploy the system?
Options
- AAn incident response plan which guarantees response by tier two support within 15 minutes
- BA definitive plan of action and milestones which lays out resolutions to all vulnerabilities
- CBusiness insurance to transfer all risk from the company shareholders to the insurance
- DA prudent plan of action which details how to decommission the system within 90 days of
Unlock CAS-002 to see the answer
You've previewed enough free CAS-002 questions. Unlock CAS-002 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.