Security awareness is vital in today's digital environment. Whether you're a developer, analyst, or IT manager, understanding the core principles of security can help you prevent major breaches and data loss. Below are ten essential questions and answers that can sharpen your security knowledge and prepare you for real-world scenarios.
Question: 1
An employee who recently left the company is still able to access internal systems and sensitive data. What security principle has been violated?
a. Broken Access Control
b. Security through Obscurity
c. Data Encryption
d. None of the above
Answer: a. Broken Access Control
💡 Access should be revoked immediately when an employee leaves; failing to do so is a breach of access control.
Question: 2
Which is NOT a good practice for secure user administration?
a. Perform random auditing procedures
b. Using telnet and FTP for remote access
Answer: b. Using telnet and FTP for remote access
💡 Telnet and FTP are insecure protocols and should be avoided for remote access.
Question: 3
TCS SSA provides frameworks for achieving Security Assurance. Is this true?
a. True
b. False
Answer: a. True
💡 TCS SSA defines processes and tools to enforce security practices.
Question: 4
What is a good security practice when granting access?
a. Grant limited permission to specified accounts
b. Grant full admin access by default
Answer: a. Grant limited permission to specified accounts
💡 The principle of least privilege ensures users have only the access they need.
Question: 5
What is the purpose of sandboxing in security?
a. To isolate programs and reduce security risks
b. To increase the performance of programs
Answer: a. To isolate programs and reduce security risks
💡 Sandboxing isolates apps to prevent them from affecting the system or other programs.
Question: 6
Which statement about user consent is false?
a. Implied consent is acceptable for sensitive information
b. Explicit consent is required for sensitive data
Answer: a. Implied consent is acceptable for sensitive information
💡 Sensitive data requires explicit consent under data protection regulations.
Question: 7
Client-side configuration tests are done to reduce configuration variables. True or False?
a. True
b. False
Answer: a. True
💡 Reducing configuration variables helps standardize secure setups across user groups.
Question: 8
Which is part of Deployment/Release Security Review?
a. Verify Binary Integrity and Infrastructure VA
b. Incident Response and Develop Plan only
Answer: a. Verify Binary Integrity and Infrastructure VA
💡 Security reviews include binary checks and vulnerability assessments.
Question: 9
Can software security assurance be achieved through proper implementation of controls?
a. True
b. False
Answer: a. True
💡 Security assurance is based on verifying confidentiality, integrity, availability, and accountability.
Question: 10
What does SSL primarily ensure?
a. Confidentiality and Integrity
b. Data Compression
Answer: a. Confidentiality and Integrity
💡 SSL encrypts data in transit to ensure its confidentiality and integrity.