
DevSecOps問題集には練習試験問題解答
DevSecOpsはPeopleCert DevOps実際の無料試験練習テスト
質問 10
When of the following BEST describes now the security principle of validation of a user's access and actions differ within a DevSecOps mindset versus a more traditional approach to this principle?
- A. The act of validation focuses on credentials.
- B. The act of validation is at the point of request
- C. The act of validation is continuous and ongoing
- D. The ad of validation is at the point of access
正解: C
質問 11
Which of the following is BEST deserved as "being outside the scope of risk management in DevSecOps"?
- A. Ensure the acuity to meet compliance controls
- B. Manage major events that caused harm or loss
- C. Assess me effectiveness of cybersecurity program
- D. inform business risk decisions for applications
正解: C
質問 12
ABC Corporation has just experienced multiple DDoS attacks.
Which of the following BEST describes what a possible goal of me perpetrator(S) was?
- A. To attempt to steal vital information
- B. To gain unauthorized system access
- C. To minimize the legitimate users' access
- D. To discredit or damage a rival business
正解: C
質問 13
Visual tactile, and auditory are modalities of formal learning
Which of the following is BEST described as the fourth major modality of formal learning?
- A. Kinesthetic
- B. Observe live
- C. Story based
- D. Demonstration
正解: B
質問 14
Which of the following is BEST described as "how container images are dynamically analyzed before they are deployed"?
- A. Software composition analysis (SCA)
- B. Dynamic application security testing (DAST)
- C. interactive application security testing (IAST)
- D. Dynamic threat analysis (DTA)
正解: D
質問 15
When of the following BEST describes a type of firewall?
- A. System-based
- B. Computer-based
- C. User-based
- D. Cloud-based
正解: B
質問 16
Which of following BEST describes the types of identity-confirming credentials in four-factor authentication?
1. Recognition
2. Ownership
3. Knowledge
4. inherence
- A. 3 and 3
- B. 3 and 4
- C. 1 and 4
- D. 1 and 2
正解: C
質問 17
Which of the following BEST represents a key principle of a peer code review?
- A. A peer code review enables management to take a hands-off approach to quality assurance
- B. A peer code review enables the organization to identify defects earlier in the process
- C. A peer code review allows an organization to avoid using a formal change process
- D. A peer code review enables deep worn and task speculation to improve the reliability of software
正解: B
質問 18
Which of the following BEST describes an example of technical or design dew when designing for defensibility?
- A. Not developing comprehensive documentation and training material
- B. Not prioritizing the set of critical customer feature in the current sprint
- C. Not establishing all the product requirements prior to the first iteration
- D. Not including the addition of security controls in the definition of done
正解: D
質問 19
Which of the following BEST describes how containers and image layers are related?
- A. Layers of a container are dependent on the layer immediately above it
- B. A layer within a container is designed within microservices architecture
- C. A layer consists of multiple containers with similar microservices architecture
- D. Layers are immutable files that represent a snapshot of a container.
正解: D
質問 20
Which of the following BEST describes the combination that provided the foundational principles that ted to DevOps?
1. Agile
2. Lean
3. ITIL
4. SAFE
- A. 1 and 4
- B. 2 and 3
- C. 3 and 4
- D. 1 and 2
正解: D
質問 21
DevSecOps requires many intersecting pans to collaborate and function together.
Which of the following BEST describes what an organization should focus on when starting their implementation?
- A. Technology
- B. Process
- C. People
- D. Governance
正解: D
質問 22
Which of the following BEST describes continuous deployment?
- A. A coding approach where branches are merged to a master branch multiple times a day
- B. A set of practices to ensure code can be deployed rapidly and safely to production
- C. A rapid incident response plan for increased visibility and mitigation of failure
- D. A software release process that uses automated testing and autonomous deployment
正解: B
質問 23
Which of the following BEST describes static application security testing (SAST)?
- A. Analyzes code for vulnerabilities by interacting with the application functionality.
- B. A security testing methodology that examines code for flaws and weaknesses
- C. Analyzes the software composition for vulnerabilities with open-source frameworks
- D. A security testing methodology that examines application vulnerabilities as it is running.
正解: A
質問 24
Which of the following BEST fills in the bank?
"In DevSecOps environments information security is__________as much as possible into the daily work of development and operations".
- A. Designed
- B. integrated
- C. Automated
- D. Embedded
正解: A
質問 25
......
無料PeopleCert DevOps DevSecOps試験問題:https://jp.fast2test.com/DevSecOps-premium-file.html
DevSecOps問題集でPeopleCert DevOps必ず合格できる練習問題集:https://drive.google.com/open?id=1N90Uh9cED11_jBNbpL-voadZaF2IazaN