Topic 1: Exam Pool A
Which of the following should occur at each stage of the SDLC?
A. Added functionality
B. Management review
C. Verification and validation
D. Repurposing of any newly developed components
Verification and validation
Which ISO standard refers to addressing security risks in a supply chain?
A. ISO 27001
B. ISO/IEC 28000:2007
C. ISO 18799
D. ISO 31000:2009
ISO/IEC 28000:2007
What is the term that describes the situation when a malicious user/attacker can exit
the restrictions of a single host and access other nodes on the network?
Response:
A. Host escape
B. Guest escape
C. Provider exit
D. Escalation of privileges
Host escape
What are the phases of a software development lifecycle process model?
Response:
A. Planning and requirements analysis, define, design, develop, testing, and maintenance
B. Define, planning and requirements analysis, design, develop, testing, and maintenance
C. Planning and requirements analysis, define, design, testing, develop, and maintenance
D. Planning and requirements analysis, design, define, develop, testing, and maintenance
Planning and requirements analysis, define, design, develop, testing, and maintenance
You are performing an audit of the security controls used in a cloud environment.
Which of the following would best serve your purpose?
Response:
A. The business impact analysis (BIA)
B. A copy of the VM baseline configuration
C. The latest version of the company’s financial records
D. A SOC 3 report from another (external) auditor
A copy of the VM baseline configuration