Infosys Certified Security Testing Professional
Practice with real exam-pattern questions for Infosys Certified Security Testing Professional. Each question includes a detailed explanation to help you understand the concept, not just memorise the answer.
10 Infosys Certified Security Testing Professional practice questions with answers
Real Lex exam-pattern multiple-choice questions for the Infosys Certified Security Testing Professional certification. Each question includes the correct answer. The full question bank is available to Premium members.
- Question 1
An intrusion detection system (IDS) gathers and analyzes information from within a computer or a network, to identify the possible violations of security policy, including unauthorized access, as well as misuse.
Which of the following IDS detection techniques detects the intrusion based on the fixed behavioral characteristics of the users and components in a computer system?
- ✓
Signature recognition
Correct - B
Anomaly detection
- C
Protocol anomaly detection
- D
All of the above
- ✓
- Question 2
An attacker is trying to redirect the traffic of a small office.
That office is using their own mail server, DNS server and NTP server because of the importance of their job.
The attacker gains access to the DNS server and redirects www.google.com to his own IP address.
Now when the employees of the office want to go to Google, they are redirected to the attacker's machine.
What is the name of this kind of attack?
- ✓
MAC Flooding
Correct - B
Smurf Attack
- C
DNS spoofing
- D
ARP Poisoning
- ✓
- Question 3
Which of the following actions should you take before implementing a custom authentication and session management system?
- ✓
Find out if the HttpOnly flag is set in cookies.
Correct - B
Find out if you can use a small extension to an existing component to implement the system.
- C
Find out if form variables are available to store data.
- D
Find out if you need to use session-based indirection.
- ✓
- Question 4
Which protocol and port number might be needed in order to send log messages to a log analysis tool that resides behind a firewall?
- ✓
UDP 123
Correct - B
UDP 541
- C
UDP 514
- D
UDP 415
- ✓
- Question 5
By using a smart card and pin, you are using a two-factor authentication that satisfies
- ✓
Something you know and something you are
Correct - B
Something you have and something you know
- C
Something you have and something you are
- D
Something you are and something you remember
- ✓
- Question 6
Robots.txt files in a web application may cause Information Exposure.
- ✓
true
Correct - B
false
- ✓
- Question 7
Which of the following problems can be solved by using Wireshark?
- ✓
Troubleshooting communication resets between two systems
Correct - B
Tracking version changes of source code
- C
Resetting the administrator password on multiple systems
- D
Checking creation dates on all webpages on a server
- ✓
- Question 8
Internet Protocol Security (IPSec) is actually a suite of protocols. Each protocol within the suite provides different functionality. Collectively, IPSec does everything except:
- ✓
Work at the Data Link Layer
Correct - B
Protect the payload and the headers
- C
Encrypt
- D
Authenticate
- ✓
- Question 9
Frame busting is a technique to avoid which vulnerability?
- ✓
XSS
Correct - B
CSRF
- C
JS Hijacking
- D
UI redress attacks
- ✓
- Question 10
Which of the following is not an SSL Pinning bypass technique?
- ✓
Using SSL Unpinned tool
Correct - B
Modifying Smali code (reverse engineering)
- C
Using SSLyze tool
- D
Hooking
- ✓