D385 Software Security and Testing
Access The Exact Questions for D385 Software Security and Testing
💯 100% Pass Rate guaranteed
🗓️ Unlock for 1 Month
Rated 4.8/5 from over 1000+ reviews
- Unlimited Exact Practice Test Questions
- Trusted By 200 Million Students and Professors
Starting from
$30/month
What’s Included:
- Unlock 100 + Actual Exam Questions and Answers for D385 Software Security and Testing on monthly basis
- Well-structured questions covering all topics, accompanied by organized images.
- Learn from mistakes with detailed answer explanations.
- Easy To understand explanations for all students.
Your Ultimate Pass Kit: Unlocked D385 Software Security and Testing Practice Questions & Answers
Free D385 Software Security and Testing Questions
1. 78. What is the primary function of anti-virus software in a computer system?
- To enhance internet speed
- To scan for, detect, and remove viruses and other malicious software
- To manage user access rights
- To monitor network traffic for intrusions
Explanation
The main function of anti-virus software is to scan, detect, and remove malicious software such as viruses, worms, Trojans, and spyware. It continuously monitors system files and incoming data to identify suspicious patterns or behaviors that match known threats. By quarantining or deleting harmful programs, antivirus software helps protect the system’s integrity and prevent infections.
2. 93. What is the primary goal of usability testing in software development?
- To evaluate the performance of the software under load
- To assess how easily real users can navigate and complete tasks
- To verify that the software meets all specified requirements
- To check the software for security vulnerabilities
Explanation
The primary goal of usability testing is to assess how easily real users can navigate and complete tasks within the software. It focuses on the user experience—measuring intuitiveness, efficiency, and satisfaction. Usability testing ensures that the interface is user-friendly, accessible, and aligned with the target audience’s needs, ultimately improving product acceptance and engagement.
3. 13. What is the primary function of an Intrusion Prevention System (IPS) in network security?
- To encrypt sensitive data during transmission
- To monitor and analyze network traffic for potential threats
- To manage user access rights within a network
- To provide antivirus protection against malware
Explanation
An Intrusion Prevention System (IPS) is a network security device that actively monitors and analyzes network traffic to detect and prevent potential threats in real time. Unlike passive systems that only alert administrators, an IPS can automatically block, drop, or modify malicious traffic to stop attacks such as exploits, denial-of-service attempts, and malware communication before they cause harm.
4. 50. What are the benefits of implementing multi-factor authentication (MFA) when authenticating to devices in your environment?
- MFA will determine what controlling terminals (tty#) the root user is allowed to login to.
- An attacker is less likely to gain unauthorized access when faced with the task of needing to compromise multiple factors.
- MFA enforces more than one method to authenticate which will deter an attacker from gaining authorization.
- MFA will trigger a temporary lockout if multiple authentication attempts fail.
Explanation
Multi-Factor Authentication (MFA) enhances security by requiring users to provide two or more independent forms of verification—such as something they know (password), something they have (token or phone), or something they are (biometric). This layered approach makes it significantly harder for attackers to gain unauthorized access, as compromising multiple authentication factors is far more difficult than stealing just a password.
5.
import requests
urls = open("websites.txt", "r")
for url in urls:
url = url.strip()
req = requests.get(url)
print(url, 'report')
try:
transport_security =
req.headers['Strict-Transport-Security']
except:
print('HSTS header not set properly')
- Man-in-the-middle
- Cross-site scripting
- Denial of service
- Code injection
Explanation
The script checks whether the HTTP Strict Transport Security (HSTS) header is properly configured on each website. If the HSTS header is missing, users are vulnerable to Man-in-the-Middle (MITM) attacks because browsers may connect using insecure HTTP instead of HTTPS. HSTS ensures all communications are encrypted, preventing interception or tampering by malicious parties. The absence of HSTS reveals susceptibility to MITM attacks.
6. 54. The process of developing, testing, and adding security features within applications to prevent security vulnerabilities against threats such as unauthorized access and modification.
- application security
- Network security
- Physical security
- Cloud security
Explanation
Application security refers to the practice of incorporating security measures throughout the software development lifecycle to protect applications from threats such as unauthorized access, data breaches, and code manipulation. This includes secure coding, vulnerability testing, authentication mechanisms, and patch management to ensure that applications remain resilient against attacks.
7. 65. A network IPS is used for which of the following?
- To identify and document network based intrusions and network traffic
- To document and analyze network visualization threats and performance
- To identify and prevent network based intrusions or unwanted network traffic
- To document and analyze malware and viruses on the Internet
Explanation
A Network Intrusion Prevention System (IPS) is designed to identify and prevent network-based intrusions or unwanted traffic in real time. It continuously monitors network packets for signs of malicious activity and can automatically block or drop harmful traffic before it reaches its destination. Unlike an IDS, which only detects and alerts, an IPS takes active steps to stop the attack.
8. 81. Identity management involves
- Providing security administrators with a single view of an individual's accounts and permissions across the entire organization
- Maintaining records from which information is retrieved by identifying particulars assigned to the individual
- Process of comparing each discovered identity to a master record of all individuals in the organization
- Identifying individuals and collecting data to determine access to resources
Explanation
Identity management provides security administrators with a unified view of user accounts, roles, and permissions across the organization. It ensures that the right individuals have appropriate access to technology resources while maintaining compliance and security. Through centralized oversight, identity management simplifies user provisioning, access reviews, and policy enforcement to prevent unauthorized access or privilege misuse.
9. 57. Which is the correct definition of an antivirus program?
- Program used to detect and remove unwanted malicious software from the system
- A program that provides real-time analysis of security alerts generated by network hardware and applications
- A program that scans a running application for vulnerabilities
- Rules that allow network traffic to pass in and out
Explanation
An antivirus program is designed to detect, prevent, and remove malicious software such as viruses, worms, Trojans, and spyware from a computer system. It scans files and programs for known malware signatures and suspicious behavior, offering both real-time protection and periodic system scans to maintain device security and performance.
10. 38. Encryption is the translation of data into a code that is not readily understood by unauthorized users. This data is referred to as:
- Cipher text
- Binary
- Electronic signature
- Cookies
Explanation
When data is encrypted, it is converted into a scrambled format known as cipher text. This transformation ensures that only authorized users with the correct decryption key can read or interpret the original data. Cipher text protects sensitive information—such as passwords, financial details, or personal data—from interception and unauthorized access during storage or transmission.
How to Order
1
Select Your Exam
Click on your desired exam to open its dedicated page with resources like practice questions, flashcards, and study guides.Choose what to focus on, Your selected exam is saved for quick access Once you log in.
2
Subscribe
Hit the Subscribe button on the platform. With your subscription, you will enjoy unlimited access to all practice questions and resources for a full 1-month period. After the month has elapsed, you can choose to resubscribe to continue benefiting from our comprehensive exam preparation tools and resources.
3
Pay and unlock the practice Questions
Once your payment is processed, you’ll immediately unlock access to all practice questions tailored to your selected exam for 1 month .