Which of the following is BEST described as "being outside the scope of risk management in DevSecOps"?
A.
Manage major events that caused harm or loss
B.
Inform business risk decisions for applications
C.
Assess the effectiveness of cybersecurity program
D.
Ensure the ability to meet compliance controls
Answer:
C
Question 2
An organization does not allow servers to be upgraded. The scenario BEST describes which of the following?
A.
Mutable infrastructure
B.
Data integrity
C.
Immutable infrastructure
D.
Data security
Answer:
C
Question 3
Which of the following BEST describes the combination that provided the foundational principles that led to DevOps? 1. Agile 2. Lean 3. ITIL 4. SAFe
A.
1 and 2
B.
2 and 3
C.
3 and 4
D.
1 and 4
Answer:
A
Question 4
Which of the following is BEST described as "the level of the IT security learning continuum where an organization covers security basics and literacy"?
A.
Education
B.
Awareness
C.
Immersion
D.
Training
Answer:
B
Question 5
Which of the following statements BEST describes penetration testing?
A.
A coordinated cyber attack to check simulated vulnerabilities
B.
A planned cyber attack to check for actionable vulnerabilities
C.
A coordinated cyber attack to check for planned vulnerabilities
D.
A simulated cyber attack to check for exploitable vulnerabilities
Answer:
B
Question 6
DevSecOps requires many intersecting parts to collaborate and function together. Which of the following BEST describes what an organization should focus on when starting their implementation?
A.
Process
B.
Governance
C.
Technology
D.
People
Answer:
B
Question 7
Which of the following BEST describes continuous deployment?
A.
A software release process that uses automated testing and autonomous deployment
B.
A coding approach where branches are merged to a master branch multiple times a day
C.
A rapid incident response plan for increased visibility and mitigation of failure
D.
A set of practices to ensure code can be deployed rapidly and safely to production
Answer:
D
Question 8
Which of the following BEST represents a key principle of a peer code review?
A.
A peer code review enables the organization to identify defects earlier in the process
B.
A peer code review allows an organization to avoid using a formal change process
C.
A peer code review enables deep work and task specialization to improve the reliability of software
D.
A peer code review enables management to take a hands-off approach to quality assurance
Answer:
A
Question 9
Which of the following BEST describes the types of identity-confirming credentials in four-factor authentication? 1. Recognition 2. Ownership 3. Knowledge 4. Inherence
A.
1 and 2
B.
3 and 3
C.
3 and 4
D.
1 and 4
Answer:
D
Question 10
Which of the following BEST describes static application security testing (SAST)?
A.
A security testing methodology that examines application vulnerabilities as it is running.
B.
Analyzes code for vulnerabilities by interacting with the application functionality.
C.
Analyzes the software composition for vulnerabilities with open-source frameworks
D.
A security testing methodology that examines code for flaws and weaknesses
Answer:
B
Question 11
Which of the following BEST describes how containers and image layers are related?
A.
Layers of a container are dependent on the layer immediately above it
B.
A layer within a container is designed within microservices architecture
C.
Layers are immutable files that represent a snapshot of a container.
D.
A layer consists of multiple containers with similar microservices architecture
Answer:
C
Question 12
Which of the following BEST describes a type of firewall?
A.
Computer-based
B.
System-based
C.
User-based
D.
Cloud-based
Answer:
A
Question 13
The Open Web Application Security Project® (OWASP) is a nonprofit and open community that supports the goals of DevSecOps and provides many resources to the community. Which of the following BEST represents a key resource that they make available to the community?
A.
Security and auditing guidelines
B.
Open-source testing procedures
C.
A maturity model for assessment
D.
Training and certification courses
Answer:
A
Question 14
Which of the following BEST describes a benefit of immutable objects?
A.
Deployments are more predictable
B.
Feature changes are less risky
C.
Releases are completed faster
D.
Changes are more successful
Answer:
A
Question 15
ABC Corporation has just experienced multiple DDoS attacks. Which of the following BEST describes what a possible goal of the perpetrator(s) was?