Question 1

A penetration tester has been hired and given access to all code, diagrams,and documentation. Which type oftesting is being conducted?

Options :

A : Full knowledge

B : Unlimited scope

C : No knowledge

D : Partial knowledge

Answer: A

Question 2

An organization uses containerization for its business application deployments, and all containers run on the same host, so they MUST share the same:

Options :

A : user data.

B : database.

C : operating system.

D : application.

Answer: C

Question 3

Which of the following is theMOSTimportant component oftheasset decommissioning process from a data risk perspective?

Options :

A : Informing the data owner when decommissioning is complete

B : Destruction of data on the assets

C : Updating the asset status in the configuration management database (CMD8)

D : Removing the monitoring of the assets

Answer: B

Question 4

An organization has received complaints from a number of its customers that their data has been breached. However, after an investigation, the organization cannot detect any indicators of compromise. The breach was MOST likely due to which type of attack?

Options :

A : Supply chain attack

B : Zero-day attack

C : injection attack

D : Man-in the-middle attack

Answer: A

Question 5

The Platform as a Service (PaaS) model is often used to support which of the following?

Options :

A : Efficient application development and management

B : Local on-premise management of products and services

C : Subscription-based pay peruse applications

D : Control over physical equipment running application developed In-house

Answer: A