Free PEGACPLSA88V1 Exam Braindumps (page: 13)

Page 13 of 61

Select the option in which you would define Content Security Policies.

  A. To prevent the browser from loading content from untrusted sources
  B. To restrict what data a user can view in a case the user can open
  C. To define security for case attachments
  D. To configure security for the content management integration

Answer(s): A

Explanation:

Content Security Policies (CSP) are defined to enhance the security of web applications by preventing the browser from loading content from untrusted sources. This helps mitigate cross-site scripting (XSS) and other code injection attacks.
Prevention of Untrusted Sources: CSPs are primarily used to specify which sources of content are trusted and can be loaded by the browser. This includes scripts, stylesheets, images, etc.


Reference:

Content Security Policy (CSP)



A developer has set the Rule security mode on the access group to Deny. Select the reason for this setting.

  A. Require Access of Role to Object rules be specified for each layer in the class hierarchy and not inherited from parent classes.
  B. Deny access to a rule if the privilege of the user is not defined in an Access of Role to Object.
  C. Disable standard privileges providing administrator access to the application (for example AllFlows and AllFlowActions).
  D. Ensure that all rules with the option of specifying a privilege have a privilege. Only users with the privilege can execute the rules.

Answer(s): D

Explanation:

Setting the Rule security mode on the access group to Deny ensures that:
Privileged Access Only: It enforces that all rules which can specify a privilege must have a privilege assigned. This ensures that only users with the appropriate privileges can execute these rules.
Security Compliance: This setting helps in maintaining strict security compliance by not allowing default access to rules without explicit privilege checks.


Reference:

Pega Rule Security Mode



Identify three rule types that are used in defining Authentication Service data instances. (Choose Three)

  A. Data pages
  B. Activities
  C. Connectors
  D. Reports
  E. Data transforms

Answer(s): A,B,E

Explanation:

To define Authentication Service data instances in Pega, the following rule types are used:
Data pages: Used to retrieve and store authentication-related data.
Activities: Perform operations such as authentication logic and integration with external systems.
Data transforms: Used to map and transform authentication data.


Reference:

Defining Authentication Services in Pega



Select the three security tasks you perform when deploying an application to a production environment. (Choose Three)

  A. Delete the Unauthenticated access group.
  B. Restrict access to ruleset configuration.
  C. Change the Rule security mode setting on the access groups to Deny.
  D. Rename the PRServlet default servlets.
  E. Update standard dynamic system settings.

Answer(s): E

Explanation:

When deploying an application to a production environment, the following security tasks are performed:

Delete the Unauthenticated access group: To prevent unauthorized access to the application.
Restrict access to ruleset configuration: Ensures only authorized users can make changes to the ruleset configurations, protecting the application from unintended modifications.
Update standard dynamic system settings: Ensure that all system settings are correctly configured for production, enhancing the application's security and performance.


Reference:

Pega Security Best Practices






Post your Comments and Discuss Pegasystems PEGACPLSA88V1 exam with other Community members:

Babu commented on July 29, 2024
Perfect study guide. Unlike those other sites with annoying captcha validation after each page. This site is more professional and clean.
India

swati commented on July 07, 2024
what will be correct ans of ques 13?
Anonymous