CompTIA Exam CAS-003 Topic 14 Question 35 Discussion

Actual exam question for CompTIA's CAS-003 exam

Question #: 35
Topic #: 14

A Chief information Security Officer (CISO) is developing corrective-action plans based on the following from a vulnerability scan of internal hosts:

Which of the following MOST appropriate corrective action to document for this finding?

AThe product owner should perform a business impact assessment regarding the ability to implement a WAF.

BThe application developer should use a static code analysis tool to ensure any application code is not vulnerable to buffer overflows.

CThe system administrator should evaluate dependencies and perform upgrade as necessary.

DThe security operations center should develop a custom IDS rule to prevent attacks buffer overflows against this server.

Show Suggested Answer

Suggested Answer: A

by Dierdre at May 09, 2022, 11:23 AM

Limited Time Offer

25%

Off

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!