The results of an external penetration test for a software development company show a small number of applications account for the largest number of findings. While analyzing the content and purpose of the applications, the following matrix is created:
The findings are then categorized according to the following chart:
Which of the following would BEST reduce the amount of immediate risk incurred by the organization from a compliance and legal standpoint? (Choose two.)
A. Place a WAF in line with Application 2
B. Move Application 3 to a secure VLAN and require employees to use a jump server for access
C. Apply the missing OS and software patches to the server hosting Application 4
D. Use network segmentation and ACLs to control access to Application 5
E. Implement an IDS/IPS on the same network segment as Application 3
F. Install a FIM on the server hosting Application 4
G. Enforce Group Policy password complexity rules on the server hosting Application 1
How to PASS CAS-004 in First Attempt?FULL Printable PDF and Software. VALID exam to help you PASS. |
 |
