Quiz Summary
0 of 60 Questions completed
Questions:
Information
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading…
You must sign in or sign up to start the quiz.
You must first complete the following:
Results
Results
0 of 60 Questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 point(s), (0)
Earned Point(s): 0 of 0, (0)
0 Essay(s) Pending (Possible Point(s): 0)
Categories
- Not categorized 0%
-
Unfortunately, you didn’t pass the quiz, but hey, you have unlimited access.😎
Practice makes you perfect! 👊 -
Congratulations! 🥳
You have passed the quiz successfully! You are one step closer to pass the real exam!
We hope to see you again on another certification path.✌️
Good luck with the exam! Stay strong.👊
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- Current
- Review
- Answered
- Correct
- Incorrect
-
Question 1 of 60
1. Question
A company is considering moving its IT infrastructure to the cloud to improve flexibility and scalability. Which of the following security solutions should they consider to address the risks of cloud infrastructure management compared to on-premises?
CorrectIncorrect -
Question 2 of 60
2. Question
A small business is concerned about the risk of asset theft and wants to implement a security solution that can help identify stolen assets. Which security solution would be MOST effective for this purpose?
CorrectIncorrect -
Question 3 of 60
3. Question
In a large data center, a security administrator wants to reduce the risk of unauthorized access to sensitive data by implementing physical segmentation. Which of the following would be the most effective solution?
CorrectIncorrect -
Question 4 of 60
4. Question
A company wants to limit the impact of a security breach in the event that an attacker gains access to their network. Which of the following physical segmentation techniques would be the MOST appropriate?
CorrectIncorrect -
Question 5 of 60
5. Question
A company wants to improve the security of its cloud-based infrastructure. They currently have multiple departments that use the same cloud environment, and they want to make sure that each department can only access the resources that they are authorized to use. Which of the following solutions would be the BEST to implement for this scenario?
CorrectIncorrect -
Question 6 of 60
6. Question
A company has a large number of virtual machines running on a single physical server. They are concerned about security risks associated with having all of the virtual machines on the same network segment. Which of the following solutions would be the BEST to implement for this scenario?
CorrectIncorrect -
Question 7 of 60
7. Question
In order to secure its network, a company has decided to implement a jumpbox. Which of the following is a benefit of using a jumpbox for segmentation?
CorrectIncorrect -
Question 8 of 60
8. Question
A company wants to ensure the security of its network infrastructure. The company has multiple offices, and each office is connected to the internet through a dedicated leased line. The company’s IT team wants to implement security controls to protect against unauthorized access, network attacks, and other threats. Which of the following is the BEST solution to implement for physical network security?
CorrectIncorrect -
Question 9 of 60
9. Question
A company wants to implement a new network architecture that allows for greater agility and scalability, while also providing more robust security measures. The IT team has proposed a software-defined networking (SDN) solution. Which of the following is a security benefit of SDN?
CorrectIncorrect -
Question 10 of 60
10. Question
A company has decided to move its IT infrastructure to a virtual private cloud (VPC) to reduce costs and improve flexibility. As a security analyst, which of the following is the BEST control to implement to secure the VPC?
CorrectIncorrect -
Question 11 of 60
11. Question
A company has recently adopted a serverless architecture for its applications. The company wants to ensure that it has visibility and control over its cloud resources. Which of the following tools can help achieve this goal?
CorrectIncorrect -
Question 12 of 60
12. Question
A company is planning to migrate its existing applications to a containerized environment to improve scalability and deployment speed. Which of the following security controls should be implemented to mitigate the risk of container breakout attacks?
CorrectIncorrect -
Question 13 of 60
13. Question
A company has adopted a container orchestration tool for its application infrastructure. The security team is concerned about the risk of unauthorized access to sensitive data stored in the containers. Which of the following security controls should be implemented to mitigate this risk?
CorrectIncorrect -
Question 14 of 60
14. Question
A company wants to implement stronger security measures to protect its sensitive data. The IT team has suggested implementing multifactor authentication (MFA) for all employees accessing company systems remotely. Which of the following is the BEST reason to implement MFA in this scenario?
CorrectIncorrect -
Question 15 of 60
15. Question
A company is implementing a new SaaS application that will be used by all employees. The IT team is concerned about the potential security risks of employees using weak passwords or sharing their credentials with others. What is the BEST solution to mitigate these risks?
CorrectIncorrect -
Question 16 of 60
16. Question
A developer is coding a new application that requires a large amount of memory to store user input data. During testing, it is found that an attacker can overflow the heap and execute arbitrary code. Which of the following is the most effective control to mitigate this attack?
CorrectIncorrect -
Question 17 of 60
17. Question
A company wants to implement a new security solution to detect and prevent attacks on its network. They are considering using a honeypot. Which of the following is the BEST explanation for a honeypot?
CorrectIncorrect -
Question 18 of 60
18. Question
A company is concerned about the increasing number of attacks on its network and wants to implement additional security measures. They are considering using a honeypot to detect and prevent attacks. Which of the following is a potential disadvantage of using a honeypot?
CorrectIncorrect -
Question 19 of 60
19. Question
A company’s web application is experiencing multiple unauthorized login attempts. The security team wants to implement a security solution to detect and prevent such attacks in the future. Which of the following security solutions should the security team implement?
CorrectIncorrect -
Question 20 of 60
20. Question
A company is planning to send confidential information over a network that is shared with other organizations. Which of the following options should be used to protect the confidentiality of the information?
CorrectIncorrect -
Question 21 of 60
21. Question
A company is concerned about the potential for insider threats and wants to implement active defense mechanisms to deter malicious actors. Which of the following is an example of an active defense mechanism?
CorrectIncorrect -
Question 22 of 60
22. Question
A software development team is working on a mobile app for a company. The team wants to implement software assurance best practices to ensure the security of the app. Which of the following practices should they implement specifically for mobile platforms?
CorrectIncorrect -
Question 23 of 60
23. Question
A company has a bring-your-own-device (BYOD) policy in place. The IT department wants to ensure that employees can securely access company resources on their mobile devices. Which of the following software assurance best practices should they implement for mobile platforms?
CorrectIncorrect -
Question 24 of 60
24. Question
A company has developed a new web application that will allow customers to make purchases online. Which of the following is a software assurance best practice that should be implemented to ensure the security of the payment process?
CorrectIncorrect -
Question 25 of 60
25. Question
A company is designing a new IoT device that will be powered by a System-on-chip (SoC) and will be connected to the internet. What is the BEST software assurance practice that should be implemented to ensure the security of the device?
CorrectIncorrect -
Question 26 of 60
26. Question
A company is using embedded systems in their devices that require firmware updates. What is the best practice for ensuring the security of firmware updates?
CorrectIncorrect -
Question 27 of 60
27. Question
A software development team is working on a new project and wants to ensure that security is integrated throughout the SDLC. Which of the following is an important step in integrating software assurance best practices into the SDLC?
CorrectIncorrect -
Question 28 of 60
28. Question
A company wants to implement a DevSecOps approach to its software development process. Which of the following best practices should the company follow to ensure that security is integrated into the entire development lifecycle?
CorrectIncorrect -
Question 29 of 60
29. Question
A software development team has created a new application that they are about to release to users. To ensure that the application meets the needs and expectations of the users, what software assurance best practice should the team implement?
CorrectIncorrect -
Question 30 of 60
30. Question
A company wants to ensure that its web application can handle high traffic and heavy loads without crashing or losing data. Which of the following software assessment methods should they use?
CorrectIncorrect -
Question 31 of 60
31. Question
A software development team wants to ensure that changes to their application’s code do not introduce new security vulnerabilities. Which software assessment method should they use?
CorrectIncorrect -
Question 32 of 60
32. Question
A software development team is conducting a code review for a new application. During the review, the team identifies a potential security vulnerability in the code. Which of the following is the BEST next step for the team?
CorrectIncorrect -
Question 33 of 60
33. Question
A software development team is implementing a new feature that involves storing user data in a database. The team wants to ensure that the data is protected from injection attacks. Which of the following is a secure coding best practice for input validation?
CorrectIncorrect -
Question 34 of 60
34. Question
A web application developer is designing a new feature that requires user inputs to be displayed on the website. To ensure security, which secure coding best practice should the developer implement?
CorrectIncorrect -
Question 35 of 60
35. Question
A web application developer is reviewing the code for an e-commerce platform. Which of the following BEST describes a secure coding best practice for output encoding?
CorrectIncorrect -
Question 36 of 60
36. Question
Which of the following is an important step in implementing secure session management in a web application?
CorrectIncorrect -
Question 37 of 60
37. Question
In a web application, which of the following is an example of a secure session management practice?
CorrectIncorrect -
Question 38 of 60
38. Question
In a software development project, the development team is implementing authentication mechanisms to secure user accounts. Which of the following is a secure coding best practice to follow when implementing authentication?
CorrectIncorrect -
Question 39 of 60
39. Question
A software development team is working on an e-commerce application. The team is implementing a feature that allows users to store their credit card information for future purchases. What is the best practice for data protection in this scenario?
CorrectIncorrect -
Question 40 of 60
40. Question
A software development team is tasked with creating a new application that allows users to submit personal information such as names, addresses, and credit card details. The team is concerned about the risk of SQL injection attacks and wants to implement secure coding best practices. Which of the following options describes a recommended approach to prevent SQL injection attacks?
CorrectIncorrect -
Question 41 of 60
41. Question
A software development team is looking to implement a tool that can automatically scan their codebase for potential security vulnerabilities. Which of the following best describes the type of tool they should use?
CorrectIncorrect -
Question 42 of 60
42. Question
In a company that develops mobile applications, the development team uses a dynamic analysis tool to test the application’s functionality and identify any vulnerabilities. Which of the following is the primary benefit of using dynamic analysis tools in this scenario?
CorrectIncorrect -
Question 43 of 60
43. Question
A company has implemented a service-oriented architecture (SOA) to integrate its different business systems. They want to ensure secure communication between systems and have decided to use Security Assertion Markup Language (SAML). Which of the following statements about SAML is true?
CorrectIncorrect -
Question 44 of 60
44. Question
In a company, a SOAP web service is used to exchange sensitive data between different systems. Which of the following best practices should be implemented to ensure secure coding for this web service?
CorrectIncorrect -
Question 45 of 60
45. Question
In a RESTful web application, which secure coding best practice should be implemented to prevent SQL injection attacks?
CorrectIncorrect -
Question 46 of 60
46. Question
A company wants to ensure that its servers’ boot process is secure and tamper-proof. Which of the following hardware security solutions would be the MOST appropriate for this scenario?
CorrectIncorrect -
Question 47 of 60
47. Question
A company is considering implementing a Hardware Security Module (HSM) to secure its payment processing systems. Which of the following is a benefit of using an HSM?
CorrectIncorrect -
Question 48 of 60
48. Question
A company is planning to purchase new servers with the latest hardware components for its data center. The IT team wants to ensure the new servers have secure firmware and boot processes. Which of the following hardware assurance best practices can provide this level of security?
CorrectIncorrect -
Question 49 of 60
49. Question
A company is looking to manufacture new hardware components for its product. They want to ensure that the hardware components are authentic and have not been tampered with. Which of the following methods can they use to ensure this?
CorrectIncorrect -
Question 50 of 60
50. Question
Which of the following is an example of trusted execution environment (TEE) technology?
CorrectIncorrect -
Question 51 of 60
51. Question
A company wants to ensure that the processing of its sensitive data is done securely. Which of the following best describes a secure enclave?
CorrectIncorrect -
Question 52 of 60
52. Question
A company wants to ensure the integrity and confidentiality of its data while it’s being processed on its servers. Which of the following hardware assurance techniques would BEST meet their requirement?
CorrectIncorrect -
Question 53 of 60
53. Question
A company is developing a new hardware device that will be used in military applications. They want to ensure that the device cannot be tampered with or reverse-engineered. Which of the following would be the BEST solution to achieve this goal?
CorrectIncorrect -
Question 54 of 60
54. Question
A company wants to ensure the security of its sensitive data stored on its laptops. Which of the following options would be the BEST solution for this requirement?
CorrectIncorrect -
Question 55 of 60
55. Question
In an organization, the IT team wants to ensure that firmware updates on all devices are secure and tamper-proof. Which of the following is the BEST hardware assurance practice to achieve this goal?
CorrectIncorrect -
Question 56 of 60
56. Question
Which of the following BEST describes measured boot and attestation?
CorrectIncorrect -
Question 57 of 60
57. Question
A company wants to ensure the confidentiality of data being transmitted over their internal bus between various components of their computer system. Which of the following BEST describes an effective method to secure the bus against eavesdropping attacks?
CorrectIncorrect -
Question 58 of 60
58. Question
A company is considering implementing a microservices architecture for their application. Which of the following best practices should they follow to ensure software assurance?
CorrectIncorrect -
Question 59 of 60
59. Question
A company is planning to migrate its traditional server-based infrastructure to a serverless architecture. What security solution should the company consider to minimize the risk of malicious activity in the new infrastructure?
CorrectIncorrect -
Question 60 of 60
60. Question
A company’s critical infrastructure system contains sensitive information and needs to be protected from external threats. The IT department has decided to implement segmentation as a security solution. Which of the following options would be the BEST approach to implementing segmentation?
CorrectIncorrect