DevSecOps問題集には練習試験問題解答 [Q10-Q25]

Share

DevSecOps問題集には練習試験問題解答

DevSecOpsはPeopleCert DevOps実際の無料試験練習テスト

質問 10
When of the following BEST describes now the security principle of validation of a user's access and actions differ within a DevSecOps mindset versus a more traditional approach to this principle?

  • A. The act of validation focuses on credentials.
  • B. The act of validation is at the point of request
  • C. The act of validation is continuous and ongoing
  • D. The ad of validation is at the point of access

正解: C

 

質問 11
Which of the following is BEST deserved as "being outside the scope of risk management in DevSecOps"?

  • A. Ensure the acuity to meet compliance controls
  • B. Manage major events that caused harm or loss
  • C. Assess me effectiveness of cybersecurity program
  • D. inform business risk decisions for applications

正解: C

 

質問 12
ABC Corporation has just experienced multiple DDoS attacks.
Which of the following BEST describes what a possible goal of me perpetrator(S) was?

  • A. To attempt to steal vital information
  • B. To gain unauthorized system access
  • C. To minimize the legitimate users' access
  • D. To discredit or damage a rival business

正解: C

 

質問 13
Visual tactile, and auditory are modalities of formal learning
Which of the following is BEST described as the fourth major modality of formal learning?

  • A. Kinesthetic
  • B. Observe live
  • C. Story based
  • D. Demonstration

正解: B

 

質問 14
Which of the following is BEST described as "how container images are dynamically analyzed before they are deployed"?

  • A. Software composition analysis (SCA)
  • B. Dynamic application security testing (DAST)
  • C. interactive application security testing (IAST)
  • D. Dynamic threat analysis (DTA)

正解: D

 

質問 15
When of the following BEST describes a type of firewall?

  • A. System-based
  • B. Computer-based
  • C. User-based
  • D. Cloud-based

正解: B

 

質問 16
Which of following BEST describes the types of identity-confirming credentials in four-factor authentication?
1. Recognition
2. Ownership
3. Knowledge
4. inherence

  • A. 3 and 3
  • B. 3 and 4
  • C. 1 and 4
  • D. 1 and 2

正解: C

 

質問 17
Which of the following BEST represents a key principle of a peer code review?

  • A. A peer code review enables management to take a hands-off approach to quality assurance
  • B. A peer code review enables the organization to identify defects earlier in the process
  • C. A peer code review allows an organization to avoid using a formal change process
  • D. A peer code review enables deep worn and task speculation to improve the reliability of software

正解: B

 

質問 18
Which of the following BEST describes an example of technical or design dew when designing for defensibility?

  • A. Not developing comprehensive documentation and training material
  • B. Not prioritizing the set of critical customer feature in the current sprint
  • C. Not establishing all the product requirements prior to the first iteration
  • D. Not including the addition of security controls in the definition of done

正解: D

 

質問 19
Which of the following BEST describes how containers and image layers are related?

  • A. Layers of a container are dependent on the layer immediately above it
  • B. A layer within a container is designed within microservices architecture
  • C. A layer consists of multiple containers with similar microservices architecture
  • D. Layers are immutable files that represent a snapshot of a container.

正解: D

 

質問 20
Which of the following BEST describes the combination that provided the foundational principles that ted to DevOps?
1. Agile
2. Lean
3. ITIL
4. SAFE

  • A. 1 and 4
  • B. 2 and 3
  • C. 3 and 4
  • D. 1 and 2

正解: D

 

質問 21
DevSecOps requires many intersecting pans to collaborate and function together.
Which of the following BEST describes what an organization should focus on when starting their implementation?

  • A. Technology
  • B. Process
  • C. People
  • D. Governance

正解: D

 

質問 22
Which of the following BEST describes continuous deployment?

  • A. A coding approach where branches are merged to a master branch multiple times a day
  • B. A set of practices to ensure code can be deployed rapidly and safely to production
  • C. A rapid incident response plan for increased visibility and mitigation of failure
  • D. A software release process that uses automated testing and autonomous deployment

正解: B

 

質問 23
Which of the following BEST describes static application security testing (SAST)?

  • A. Analyzes code for vulnerabilities by interacting with the application functionality.
  • B. A security testing methodology that examines code for flaws and weaknesses
  • C. Analyzes the software composition for vulnerabilities with open-source frameworks
  • D. A security testing methodology that examines application vulnerabilities as it is running.

正解: A

 

質問 24
Which of the following BEST fills in the bank?
"In DevSecOps environments information security is__________as much as possible into the daily work of development and operations".

  • A. Designed
  • B. integrated
  • C. Automated
  • D. Embedded

正解: A

 

質問 25
......

無料PeopleCert DevOps DevSecOps試験問題:https://jp.fast2test.com/DevSecOps-premium-file.html

DevSecOps問題集でPeopleCert DevOps必ず合格できる練習問題集:https://drive.google.com/open?id=1N90Uh9cED11_jBNbpL-voadZaF2IazaN


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어