ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CAS-004 All Questions

View all questions & answers for the CAS-004 exam
Go to Exam

Exam CAS-004 topic 1 question 533 discussion

Actual exam question from CompTIA's CAS-004
Question #: 533
Topic #: 1
[All CAS-004 Questions]

An organization is working to secure its development process to ensure developers cannot deploy artifacts directly into the production environment. Which of the following security practice recommendations would be the best to accomplish this objective?

  • A. Implement least privilege access to all systems.
  • B. Roll out security awareness training for all users.
  • C. Set up policies and systems with separation of duties.
  • D. Enforce job rotations for all developers and administrators.
  • E. Utilize mandatory vacations for all developers.
  • F. Review all access to production systems on a quarterly basis.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by isaphiltrick at July 18, 2024, 10:53 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
grelaman
6 months, 4 weeks ago
Selected Answer: C
SoD ensures that no single individual has control over all aspects of a critical process. By separating the responsibilities of development and deployment, developers do not have direct access to production environments. Deployment tasks are handled by a separate team or automated systems that are responsible for moving code from staging to production. It ensures that changes are reviewed, tested, and approved by multiple parties before being deployed, enhancing the overall integrity of the production environment. Why not A: Developers might still have deployment permissions if least privilege is not properly defined in the context of their roles. SoD explicitly requires that deployment duties are assigned to separate roles, which is more targeted to the issue.
upvoted 3 times
...
isaphiltrick
9 months, 3 weeks ago
With 6 options, this should be a multiple selection. If so, I would go with A. Implement least privilege access to all systems AND C. Set up policies and systems with separation of duties. These are almost always the answers to these types of questions.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago