ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CAS-004 All Questions

View all questions & answers for the CAS-004 exam
Go to Exam

Exam CAS-004 topic 1 question 365 discussion

Actual exam question from CompTIA's CAS-004
Question #: 365
Topic #: 1
[All CAS-004 Questions]

An internal security assessor identified large gaps in a company’s IT asset inventory system during a monthly asset review. The assessor is aware of an external audit that is underway. In an effort to avoid external findings, the assessor chooses not to report the gaps in the inventory system. Which of the following legal considerations is the assessor directly violating?

  • A. Due care
  • B. Due diligence
  • C. Due process
  • D. Due notice
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by joinedatthehop at Oct. 19, 2023, 6:10 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
OdinAtlasSteel
Highly Voted 1 year, 1 month ago
Selected Answer: A
He did his due diligence in finding the gaps, however, he is NOT doing his due care (A) in reporting them.
upvoted 6 times
...
abrub
Most Recent 11 months, 1 week ago
Selected Answer: A
Due care is about correcting something immediately. The first letter of the two words even help to remember this, DC = do correct. Due diligence takes longer than just fixing something immediately, it is more the investigation as to why that something had to be corrected in the first place. It is about detecting the reason behind either an incident, event, or breach etc. etc. The first two letters help to remember this, DD, do detect.
upvoted 3 times
...
weaponxcel
1 year, 1 month ago
Selected Answer: B
B. Due diligence Given the scenario where the security assessor identified gaps but chose not to report them, the primary violation is with "due diligence." The assessor did not complete the due diligence process by withholding critical information. If the assessor had identified the gaps (due diligence) and then did nothing to address or rectify those gaps (despite knowing about them), that would be a violation of "due care." Due diligence: refers to the investigations and research conducted before taking an action. Due care: is about taking the necessary steps to mitigate the risks and threats that have been identified through due diligence. Due diligence need to happen before dual care. In the given scenario, the internal security assessor never did the duel diligence part.
upvoted 2 times
weaponxcel
1 year, 1 month ago
Sorry meant: A. Duel care Since the assessor did identified the gap.
upvoted 3 times
...
...
joinedatthehop
1 year, 1 month ago
Selected Answer: A
https://www.studynotesandtheory.com/single-post/due-care-vs-due-diligence
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel