CompTIA
CAS-003 · Question #678
CAS-003 Question #678: Real Exam Question with Answer & Explanation
Sign in or unlock CAS-003 to reveal the answer and full explanation for question #678. The question stem and answer options stay visible for context.
Question
A PaaS provider deployed a new product using a DevOps methodology. Because DevOps is used to support both development and production assets inherent separation of duties is limited. To ensure compliance with security frameworks that require a specific set of controls relating to separation of duties the organization must design and implement an appropriate compensating control. Which of the following would be MOST suitable in this scenario?
Options
- AConfiguration of increased levels of logging, monitoring and alerting on production access
- BConfiguration of MFA and context-based login restrictions for all DevOps personnel
- CDevelopment of standard code libraries and usage of the WS-security module on all web servers
- DImplementation of peer review, static code analysis and web application penetration testing
Unlock CAS-003 to see the answer
You've previewed enough free CAS-003 questions. Unlock CAS-003 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.