SSA Audits Interview Question-Answer

Q.1 Which of the following approaches generates a report with SWOT analysis?

       A. Technical Review

       B. Process Audit

       C. Process Maturity Review

Ans : Process Audit

---

Q.2 Which of the following is a highly data-oriented review that provides independent inputs on SSA strategies?

       A. Process Maturity Review

       B. Technical Review

       C. Process Audits

       D. Governance Review

Ans : Governance Review

---

Q.3 Which of the following properties aim to generate a trail to identify the source and path of attack?

       A. Repudiation

       B. Resilience

       C. Traceability

       D. Accountability

Ans : Traceability

---

Q.4 Which of the following is an intensive review performed to confirm compliance with the customer’s security, privacy, and reliability requirements?

       A. Process Maturity Review

       B. Process Audits

       C. Technical Review

Ans : Process Maturity Review

---

Q.5 The safeguards that are integrated throughout the delivery lifecycle by SSA, making solutions and services reliable, resilient, and immune to attacks and failures are _________.

       A. Security, Confidentiality, Integrity, Availability

       B. Resilience, Traceability, Reliability

       C. Security, Privacy, Reliability

       D. Confidentiality, Integrity, Availability

Ans : Security, Confidentiality, Integrity, Availability

---

Q.6 How often are Process Maturity Reviews conducted?

       A. With major releases

       B. Half Yearly

       C. Monthly

       D. Quarterly

Ans : Half Yearly

---

Q.7 Which of the following approaches are adopted during Governance Review?

       A. Question and Answer

       B. Data Analysis

       C. Subjective Judgement

       D. All of these

Ans : All of these

---

Q.8 Which of the following SSA audit types involves simulating real-life attacker in the unprivileged and privileged modes?

       A. Process Audits

       B. Process Maturity Review

       C. Technical Review

Ans : Technical Review

---

Q.9 What is the output of Technical Review?

       A. Report with SWOT analysis

       B. SSA Maturity report

       C. Top strategic improvements

       D. Vulnerability report

Ans : Vulnerability report

---

Q.10 What is the output of Governance Review?

       A. Vulnerability report

       B. SSA Maturity report

       C. Top strategic improvements

       D. Report with SWOT analysis

Ans : Top strategic improvements

---

Q.11 Software that is secure on a given platform, environment, and threat landscape can be considered secure in any other platform, environment or threat landscape.

       A. True

       B. False

Ans : True

---

Q.12 How often are process audits carried out?

       A. Monthly

       B. With major releases

       B. Quarterly

Ans : Quarterly

---