Swift CSP-Assessor - Customer Security Programme Assessor Certification Exam
Question #1 (Topic: demo questions)
Can a Swift user choose to implement the security controls (example: logging and monitoring) in
systems which are not directly in scope of the CSCE?
Correct Answer: A
Explanation:
SWIFT Customer Security Programme (CSP) / CSCF-related documents, including:
- Security Controls Policy
- Security Controls Framework v2024
- Independent Assessment Framework
- Assessor Guidelines
- Test Plan Guidelines
- Outsourcing Agents Security Baseline
- CSP Architecture Decision Tree
- Mandatory and Advisory Control Templates
Question #2 (Topic: demo questions)
A Swift user relies on an sFTP server to connect through an externally exposed connection with a
service provider or a group hub. What architecture type is the Swift user? (Choose all that apply.)
Correct Answer: B, D
Explanation:
Question #3 (Topic: demo questions)
Application Hardening basically applies the following principles. (Choose all that apply.)
Correct Answer: A, B, C
Explanation:
The correct answers are A. Least Privileges, B. Access on a Need-to-Have Basis, and C. Reduced Footprint for Less Potential Vulnerabilities.
Application Hardening is the process of securing applications by minimizing their attack surface and reducing security risks. It follows the principle of least privilege, which ensures that users, processes, and applications are granted only the minimum permissions required to perform their functions. It also enforces access on a need-to-have basis, meaning access rights are provided only when necessary for business or operational purposes. Another key principle is maintaining a reduced footprint, which involves disabling or removing unnecessary services, features, accounts, and software components to decrease the number of potential vulnerabilities that attackers could exploit. Enhanced Straight Through Processing (STP) is related to improving the efficiency of transaction processing and automation, not to application hardening or security strengthening. Therefore, A, B, and C are the correct answers.
Question #4 (Topic: demo questions)
Using the outsourcing agent diagram, which components must be placed in a secure zone? (Choose
all that apply.)
Correct Answer: A, D
Explanation:


