Course name : SSA E1 Administrator Assessment Answers | Course id 66767 |

SSA E1 Administrator Assessment answers

Course name : SSA E1 Administrator Assessment Answers | Course id 66767 | Questions (1-10)

1. Which of the following is a good practice?
Answer : Grant limited permission to specified account

2. State True or False: TCS SSA has defined the required processes,
templates, guidelines, checklists & resources to achieve Security Assurance.
Answer: True

3. Sand-boxing does what to computer programs?
Answer : Sandboxes protect your programs by isolating
all the other programs except the one you are using at the time

4. Which of these following statements about consent is false:
Answer : Organizations can generally rely on implied consent
when the information is likely to be considered sensitive.

5. To design client-side configuration tests each user category
is assessed to reduce the number of configuration variables to a
manageable number.
Answer : True

6. Which mechanism will make sure that data transmission is secure?
Answer : HTTPS + Encrypting sensitive data

7. What activities are part of Deployment/Release Security Review?
Answer : Verify Binary Integrity; Target System Alteration Analysis;
Infrastructure VA; Patching and Upgradation Plan

8. SSL primarily focuses on
Answer: Confidentiality and integrity

9. What is not a good practice for user administration?
Answer: Using telnet and FTP for remote access

10. State True or False: Software Security Assurance can be achieved
if the efforts, activities and controls are implemented and verified
for establishing Confidentiality, Integrity, Availability & Accountability
Answer: True

Course name : SSA E1 Administrator Assessment Answers | Course id 66767 | Questions (11-20)

Course name : SSA E1 Administrator Assessment Answers | Course id 66767 | Questions (21-30)

21. Record traffic file is available in ____ format.
Answer : PCap

22. Using POST requests with hidden form fields provides a
significant level of protection against attackers who want to
tamper with requests. (SSA E1)
Answer: False

23. How does Device fingerprinting help in protecting private information?
Answer : All of the above

24. As per PCI DSS standards, which of the following Card Holder
Data should not be stored (even if encrypted)?
Answer : Option 3 & 4

25. Defining Role Matrix “Role > Functionality > Data” is a part
of which phase of SSA?
Answer : Architecture/Design Security Analysis & Review

26. What are the activities involved in the phase Secure Code
Construction & Security Code Review?
Answer : All of the above

27. Which of the following is a hacker’s attempt to redirect traffic
from a legitimate website to a completely different internet
address by changing the host’s file on a victim’s computer or
by exploiting a vulnerability on the DNS server?
Answer : Pharming

28. Identify reasons why TCS has adopted data protection
program:
   1. Customer and market expectations
   2. Competitive Differentiation
   3. Risk Landscape
   4. Legal Obligation
Answer : 1,2,3,4

29. State the correct statement.
Answer : Estimation of Software Security related Budget and
Efforts is a key parameter in delivering secure software

30. We can allow client-side scripts to execute in the browsers
for needed operations. (SSA E1)
Answer : True

Course name : SSA E1 Administrator Assessment Answers | Course id 66767 | Questions (31-40)

31. When recording customer telephone calls, which one of these
statements is False?
Answer : Organizations must inform the individual that the call
may be recorded but not the purpose for which the information will be used.

32. If a non-admin can access the admin page, this is due to issue in
Answer : Authorization

33. Phishing is essentially another form of:
Answer : Social engineering

34. What are remedies to secure against components using known
vulnerabilities?
Answer : All of the above

35. Development, QA, and production environments should all be
configured identically, with ____ credentials used in each environment.
Answer : Different

36. The more you can approach an incident response process as a
business process – from every angle, and with every audience
Answer : the more successful you will be

37. The code segment that misuses its environment is called
Answer : trojan horse

38. Which of the following can be best described as spoofing?
Answer : Pretending to be someone or something else

39. PII does not include information that is collected anonymously.
Answer : True

40. Which of the following is used to retain confidentiality in a software?
Answer : Encryption
