Question No. 1

A Treasury Management System (TMS) application is installed on the same machine as the customer connector (such as MQ server) connecting towards a Service Bureau Are these applications/systems in scope of CSCF?

AThe TMS application, the MQ server and hosting system are in the scope of the CSCF and must be placed in a secure zone

BThe TMS application, the MQ server and hosting system enters the scope of the CSCF advisory and should be placed in a secure zone

COnly the MO server application is in scope of the CSCF> The TMS application is considered as back-office

DThe TMS application is the highest risk and must be secured appropriately. The MQ server should be secured on a best effort basis

Show Answer

Correct Answer: A

Question No. 2

Which operator session flows are expected to be protected in terms of confidentiality and integrity? (Choose all that apply.)

ASystem administrator sessions towards a host running a Swift related component

BAll sessions to and from a jump server used to access a component in a secure zone

CAll sessions towards a secure zone (on-premises or hosted by a third-party or a Cloud Provider)

DAll sessions towards a Swift related application run by an Outsourcing Agent, a Service Bureau or an L2BA Provider

Show Answer

Correct Answer: A, B, C, D

Question No. 3

What type of control effectiveness needs to be validated for an independent assessment?

AEffectiveness is never validated only the control design

BAn independent assessment is a point in time review with possible reviews of older evidence as appropriate

COperational effectiveness needs to be validated

DNone of the above

Show Answer

Correct Answer: C

Question No. 4

In the illustration, identify the component type of each of the numbered components.

A.

1. Customer Connector

2. Bridging Server (Middleware Server)

3. Customer Connector

4. Bridging Server (Middleware Server)

B.

1. Customer Connector

2. Bridging Server (Middleware Server)

3. Customer Connector

4. Customer Connector

C.

1. Bridging Server (Middleware Server)

2. Bridging Server (Middleware Server)

3. Bridging Server (Middleware Server)

4. Bridging Server (Middleware Server)

D.

1. Customer Connector

2. Customer Connector

3. Customer Connector

4. Customer Connector

AOption A

BOption B

COption C

DOption D

Show Answer

Correct Answer: A

Question No. 5

The only type of HSM devices offered by Swift are HSM tokens and HSM boxes.

ATRUE

BFALSE

Show Answer

Correct Answer: A

Free Swift CSP-Assessor Exam Actual Questions

The questions for CSP-Assessor were last updated On Nov 19, 2024