Practice Free PEGACPLSA24V1 Exam Online Questions
When do you set the Rule security mode on the access group to Warn?
- A . When writing a message in the log file because attribute-based access control (ABAC) overrode the role-based access control (RBAC) setting.
- B . When verifying that the access role is configured correctly for rule execution.
- C . When displaying a custom Warn message for a rule execution failure.
- D . When automatically notifying the system administrator when access is denied to a rule.
Which three of the following options come under security administration events while auditing your Pega application? (Choose Three)
- A . Changes to security authentication policies.
- B . Changes to dynamic system settings.
- C . Changes to attribute-based access control policies and policy conditions.
- D . Changes to operator records.
- E . Changes to report definition filters.
What is the significance of Center-out business architecture in designing Pega enterprise applications?
- A . It focuses on building applications around the user interface for a seamless user experience.
- B . It emphasizes creating a centralized business logic layer for better scalability and performance.
- C . It prioritizes the integration of various backend systems to streamline data flow.
- D . It promotes a mobile-first approach to application design.
Which three statements are true about attribute-based access control (ABAC)? (Choose Three)
- A . ABAC does not support encryption at the property level.
- B . Using ABAC, you must reference at least one type of RBAC rule to enforce security.
- C . The Applies-To class for every rule used by an access control policy must extend either Work- or Data-.
- D . Access control policies cannot be turned off once defined.
- E . Using ABAC, it is possible to prevent an access control policy from being overridden.
- F . ABAC allows only certain properties within a class to be masked.
- G . ABAC does not need to reference role-based access control (RBAC) rules to enforce security.
Which authentication model is suitable for a scenario where users need to access a system using their existing social media accounts?
- A . Role-Based Authentication
- B . Biometric Authentication
- C . Single Sign-On (SSO)
- D . Attribute-Based Access Control (ABAC)
Which five of the following options should you consider when recommending a design solution? (Choose Five)
- A . Deployment.
- B . User experience/responsiveness.
- C . Complexity (which indirectly impact effort and maintenance).
- D . Maintenance.
- E . Effort (cost).
- F . Resource management (memory/database).
Which two of the following scenarios necessitate API-based testing for Pega Infinity applications? (Choose Two)
- A . The navigation of UI screens changes frequently in the application, and the quality assurance team is having challenges navigating the different screens. Every aspect of the application is accessible through interfaces.
- B . Citizen developers seek to conduct unit tests for complex UI functionality from App Studio. Every aspect of the application is accessible through interfaces.
- C . The quality assurance team is on an annual vacation, and application testing must be completed within a tight timeframe.
- D . The user experience of the application is complex and requires a significant amount of time to navigate all screens. Every aspect of the application is accessible through interfaces.
Any suspicious activity that that a customer performs is reported to the Financial-Crimes and Enforcement (FinCEN) department for further inquiry using the customer details by the U+ Bank suspicious activity monitoring (SAM) application. The investigation status is updated in the SAM application with a REST APIs service package that is configured in the SAM application call once the investigation is completed.
Which one of the following approaches prevents other applications from accessing the SAM application using REST?
- A . Configure a cross-origin resource sharing (CORS) policy with allowed FINCEN origin, and then apply this policy to the API.
- B . Configure a custom authentication type, and then apply the authentication to the service package of the API.
- C . Configure a content security policy (CSP) with allowed FinCEN origin (URL), and then apply the policy to the application.
- D . Configure the OAuth2.0 authentication type and apply the authentication to the service package of the API.
Which one of the following examples demonstrates the best usage of the case reference type?
- A . Onboarding and Taxation are two sibling case types; a report on the onboarded employees for whom paid tax is required. For this reporting requirement, Taxation should have a case reference data relationship with the Onboarding case type.
- B . Payment is a child case of the Reservation case; a report is required on payments for the confirmed reservations. For this requirement, Reservation has a data relationship with Payment as a case reference type.
- C . Onboarding and Taxation are two sibling case types; the list of onboarded employees are required in the taxation. For this requirement, Taxation has a data relationship with Onboarding as a case reference type.
- D . A step in a Purchase order case type life cycle should provide an option to add a list of items to the shopping cart. For this requirement, Purchase Order has a data relationship with Items as a case reference type.
When designing a refresh strategy for retrieving updated data from a system of record, one should _______________
- A . choose a single consistent strategy for all data sources used by an application
- B . consider all the pros and cons of the options for each data source and the requirements
- C . always retrieve data using declarative pages
- D . always choose the strategy that proves the best runtime performance