




Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Community
Ask the community for help and clear up your study doubts
Discover the best universities in your country according to Docsity users
Free resources
Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors
A series of multiple-choice questions related to cybersecurity and information security. It covers various topics, including zero trust, sase services, input validation, agile development, database security, authentication factors, password complexity, kerberos, access control, cognitive passwords, biometrics, devops, multi-factor authentication, cloud security, and confidential computing. Each question is followed by the correct answer, providing a valuable resource for studying and preparing for cybersecurity exams or certifications.
Typology: Exams
1 / 8
This page cannot be seen from the preview
Don't miss anything!
Under zero trust all network traffic Must be: (Choose all apply) A. Perimeter-based B. Authenticated C. Encrypted D. Trusted - ✔✔ B. Authenticated C. Encrypted Core features of SASE Services do not include A. CASB B. ZTSA C. DNS Protection D. SD-WAN2. - ✔✔C. DNS Protection You are developing software, which requires users to enter a date. To prevent security issues, you want to make sure the values provided by users are accurate. Which technique will you use? A. Screening B. Encapsulation C. Input validation D. Assurers a user's accountability - ✔✔C. Input validation Which of the following is NOT a principle of the Agile model of development? A. Satisfy customers through early and continuous delivery. B. Prioritize security over other requirements. C. Business and development work together.
D. Pay continuous attention to technical excellence - ✔✔B. Prioritize security over other requirements. Which of the following key is used to enforce referential integrity between database tables? A. Primary key B. Foreign key C. Super key D. Candidate key - ✔✔B. Foreign key SaaS providers manage and secure all the following except: A. Infrastructure B. OS C. Application Stacks D. Access Controls - ✔✔D. Access Controls Which of the following service providers provides the least amount of built-in security? A. IaaS B. PaaS C. SaaS D. All the above - ✔✔A. IaaS Alice's organization requires her to log in with her username, a PIN, a password, and a retina scan. How many distinct authentication factors are used? A. One B. Two C. Three D. Four - ✔✔B. Two Sarah decides to improve the strength of her organization's password policy by increasing the minimum length of the password by a single character. The system allows the use of upper case and lower case as
C. Privilege creep D. Account revocation - ✔✔B. Account review
What is the benefit of cognitive passwords? A. The password will be used only once. B. Users do not need to remember a specific password. C. It protects from the eavesdropping of passwords. D. It is turned into a virtual password by the system - ✔✔B. Users do not need to remember a specific password. Which of the following is true of biometrics? A. Relatively inexpensive, well received by society, and highly accurate. B. Very expensive, moderately received by society, and moderately accurate. C. Very expensive, very well received by society, and highly accurate. D. Very expensive, not well received by society, and highly accurate. - ✔✔B. Very expensive, moderately received by society, and moderately accurate. Which of the following types of access controls uses fences, security policies, security awareness training, and anti-virus software to ensure that an undesirable or unwanted event does not occur? A. Preventive B. Detective C. Corrective D. Compensating - ✔✔A. Preventive
Which data may not be suitable for public clouds? A. Legacy application data B. Mission-critical workloads C. Sensitive data D. All of the above - ✔✔D. All of the above In which environment do admins have the most control over cloud app security? A. PaaS B. SaaS C. IaaS D. SECaaS - ✔✔A. PaaS Which is not a form of confidential computing? A. Zero-trust networks B. Trust execution environments C. Fully homomorphic encryption D. Secure multiparty computation - ✔✔A. Zero-trust networks When is centralized cloud application monitoring most useful? A. When applications must span hybrid architectures B. When applications are hosted solely in the cloud C. When an organization's applications are all on-premises D. When an organization uses a single cloud application - ✔✔A. When applications must span hybrid architectures A zero-trust cloud security approach: A. Eliminates the perimeter B. Moves the perimeter closer to protected areas
C. Expands the perimeter to end-user devices D. None of the above - ✔✔B. Moves the perimeter closer to protected areas