Swift CSP-Assessor Exam Questions Instant Access

Question 1

Can a Swift user choose to implement the security controls (example: logging and monitoring) in systems which are not directly in scope of the CSCE?

AYes

BNo

Answer : A

Question 2

Which encryption methods are used to secure the communications between the SNL host and HSM boxes?

ANTLS and SSH

BTelnet and SSL

CNTLS and Telnet

DMPLS and SSL

Answer : A

Question 3

Select the supporting documents to conduct a CSP assessment. (Choose all that apply.)

AThe CSP User Handbook

BThe mapping to industry standards article

CThe Controls Matrix and High Level Test P an

DThe Customer Security Controls Framework

Answer : D

Question 4

Select the correct statement(s).

AThe public and private keys of a Swift certificate are stored on the Hardware Security Module

BThe certificate stored on the Swift Hardware Security Module is used during the decryption operation of a message

CThe decryption operation uses the encryption private key of the receiver

DTo verify the signature the SwiftNetLink uses the signing private key of the receiver

Answer : A, C

Question 5

Select the correct statement(s) about the Swift Alliance Gateway. (Choose all that apply.)

AIt acts as the single window to SwiftNet messaging services by concentrating your traffic flows

BIt allows sharing of PKI profiles between application or individuals, through the use of virtual profiles

CIt allows the creation and/or modification of some Swift messages (depending on the types &/or formats)

DThe Alliance Gateway can only be accessed by a SWIFTNet user

Answer : A, B

Question 6

What type of control effectiveness needs to be validated for an independent assessment?

AEffectiveness is never validated only the control design

BAn independent assessment is a point in time review with possible reviews of older evidence as appropriate

COperational effectiveness needs to be validated

DNone of the above

Answer : C

Question 7

The Swift user would like to perform their CSP assessment in May for the CSCF version that will only be active as from July the same year. Is it allowed?

ANo, an assessment can only be done on the active version of the CSCF

BYes, the assessment on a particular version can start before the actual activation date

Answer : A

Swift Customer Security Programme Assessor Certification CSP-Assessor Exam Questions