Exam Questions With Verified Multiple
Choice and Conceptual Actual 100%
Correct Detailed Answers
Guaranteed Pass!! Current Update!!
1. A software developer needs to be able to run various versions of Android on an
x86 system. Which virtualization technology will allow the software developer to
perform this?
A. VDI
B. Emulation
C. Application virtualization
D. VMM - ANSWER B. Emulation
Emulation is resource intensive when compared to virtualization but allows an x86
computer to run the Android OS, video game software designed for Nintendo or
Xbox systems, and firmware designed for embedded systems.
2. A solutions architect is analyzing technology for user and entity behavior
analytics (UEBA). The solutions architect should analyze which of the following
technology solutions?
A. VR
B. AR
C. P2P
D. AI - ANSWER D. AI
Artificial Intelligence (AI)-type systems are used extensively for user and entity
behavior analytics (UEBA).
3. A security architect is considering the design for an organization's transactional
records and is currently researching blockchain. What are some of the
foundational elements of blockchain technology? (Select all that apply.)
A. Multiparty Computation
B. Distributed consensus
C. Object storage
D. Hashing - ANSWER A. Multiparty Computation
B. Distributed consensus
D. Hashing
4. A software development manager wants to integrate a development model for
a company that will allow them to release small blocks of well-tested code to
bring functionality to the business as soon as possible. What is this method
called?
A. Spiral
B. Waterfall
C. SecDevOps
D. Agile - ANSWER D. Agile
5. A site developer has recently experienced issues with Cross-Site Script Inclusion
attacks. Which of the following response headers could the site developer use to
mitigate this attack?
A. COOP
B. COEP
C. CORP
D. XFO - ANSWER C. CORP
A developer can set security options in the response header returned by a web
server to a client. Such is the case with Cross-Origin-Resource-Policy (CORP),
which protects against speculative execution attacks (such as Spectre) and
Cross-Site Script Inclusion (XSSI) attacks.
6. The vulnerability management lead has been enhancing the security posture
year after year and is looking at security coding standards. What are some sources
the management lead could recommend to the organization? (Select all that
apply.)
A. NIST 800-53
B. Carnegie-Mellon Software Engineering Institute
C. OWASP
D. COBIT - ANSWER B. Carnegie-Mellon Software Engineering Institute
C. OWASP
The Carnegie-Mellon Software Engineering Institute is one source of secure coding
standards for languages, such as C, C++, Android, Java, and Perl.
OWASP has a vast library of guidance and information regarding secure coding
practices. It covers several key areas such as input validation, output encoding,
authentication management, and more.
7. A security architect for a university wants to set up a federation method
commonplace in their industry. Which of the following is routinely known for
being used by universities?
A. Shibboleth
B. Transitive trust
C. OpenID
D. SAML - ANSWER A. Shibboleth
Shibboleth is a federated identity method based on SAML and often used by
universities and public service organizations.
8. A security manager is looking for a solution that contains software to monitor
and report the day-to-day operations of an enterprise and the status of various
resources and activities. Which of the following should the security manager
consider?
A. CMDB
B. CMS
C. ERP
D. CRM - ANSWER C. ERP