Download CYSE Practice Test: Multiple Choice Questions and Answers and more Exams Cybercrime, Cybersecurity and Data Privacy in PDF only on Docsity!
CYSE Practice Test | 100% Correct
Answers | Verified | Latest 2024 Version
Under zero trust all network traffic Must be: (Choose all apply) A. Perimeter-based B. Authenticated C. Encrypted D. Trusted - ✔✔ B. Authenticated C. Encrypted Core features of SASE Services do not include A. CASB B. ZTSA C. DNS Protection D. SD-WAN2. - ✔✔C. DNS Protection You are developing software, which requires users to enter a date. To prevent security issues, you want to make sure the values provided by users are accurate. Which technique will you use? A. Screening B. Encapsulation C. Input validation D. Assurers a user's accountability - ✔✔C. Input validation Which of the following is NOT a principle of the Agile model of development? A. Satisfy customers through early and continuous delivery. B. Prioritize security over other requirements. C. Business and development work together.
D. Pay continuous attention to technical excellence - ✔✔B. Prioritize security over other requirements. Which of the following key is used to enforce referential integrity between database tables? A. Primary key B. Foreign key C. Super key D. Candidate key - ✔✔B. Foreign key SaaS providers manage and secure all the following except: A. Infrastructure B. OS C. Application Stacks D. Access Controls - ✔✔D. Access Controls Which of the following service providers provides the least amount of built-in security? A. IaaS B. PaaS C. SaaS D. All the above - ✔✔A. IaaS Alice's organization requires her to log in with her username, a PIN, a password, and a retina scan. How many distinct authentication factors are used? A. One B. Two C. Three D. Four - ✔✔B. Two Sarah decides to improve the strength of her organization's password policy by increasing the minimum length of the password by a single character. The system allows the use of upper case and lower case as
C. Privilege creep D. Account revocation - ✔✔B. Account review
- Which of the following is NOT a part of the Kerberos authentication system? A. KDC B. TGT C. AS D. TS - ✔✔D. TS . Which type of access control allows the owner of a file to grant other users access to it? A. Role-based B. Non-discretionary C. Rule-based D. Discretionary - ✔✔D. Discretionary Which of the following tools is NOT typically used to verify that a provisioning process was followed in a way that ensures the organization's security policy is being followed? A. Log review B. Manual review of permissions C. Signature-based detection D. Review the audit trail - ✔✔C. Signature-based detection A database makes access decisions based on the actual sensitivity of the data it holds. Which access control is it implementing? A. Content-dependent B. Context-dependent C. Restricted interface D. Role-based - ✔✔A. Content-dependent
What is the benefit of cognitive passwords? A. The password will be used only once. B. Users do not need to remember a specific password. C. It protects from the eavesdropping of passwords. D. It is turned into a virtual password by the system - ✔✔B. Users do not need to remember a specific password. Which of the following is true of biometrics? A. Relatively inexpensive, well received by society, and highly accurate. B. Very expensive, moderately received by society, and moderately accurate. C. Very expensive, very well received by society, and highly accurate. D. Very expensive, not well received by society, and highly accurate. - ✔✔B. Very expensive, moderately received by society, and moderately accurate. Which of the following types of access controls uses fences, security policies, security awareness training, and anti-virus software to ensure that an undesirable or unwanted event does not occur? A. Preventive B. Detective C. Corrective D. Compensating - ✔✔A. Preventive
- Which of the following is NOT a component of the DevOps model? A. Information security B. Software development C. Quality assurance D. IT Operations - ✔✔A. Information security
- You are implementing a multi-factor authentication solution. As part of the design, you are capturing the three authentication factors. What are they? (Select the following) A. Something you make
Which data may not be suitable for public clouds? A. Legacy application data B. Mission-critical workloads C. Sensitive data D. All of the above - ✔✔D. All of the above In which environment do admins have the most control over cloud app security? A. PaaS B. SaaS C. IaaS D. SECaaS - ✔✔A. PaaS Which is not a form of confidential computing? A. Zero-trust networks B. Trust execution environments C. Fully homomorphic encryption D. Secure multiparty computation - ✔✔A. Zero-trust networks When is centralized cloud application monitoring most useful? A. When applications must span hybrid architectures B. When applications are hosted solely in the cloud C. When an organization's applications are all on-premises D. When an organization uses a single cloud application - ✔✔A. When applications must span hybrid architectures A zero-trust cloud security approach: A. Eliminates the perimeter B. Moves the perimeter closer to protected areas
C. Expands the perimeter to end-user devices D. None of the above - ✔✔B. Moves the perimeter closer to protected areas
- You are a software development manager starting a new development project. You want to focus the development process around user stories. The development process must be efficient and have multiple iterations as changes and requirements are discovered. Which development methodology should you use? A. Agile B. Waterfall C. Spiral D. Rapid application development - ✔✔A. Agile
