InterviewSolution
Saved Bookmarks
InterviewSolution
This section includes InterviewSolutions, each offering curated multiple-choice questions to sharpen your knowledge and support exam preparation. Choose a topic below to get started.
| 1. |
DAST is independent of programming languages. |
|
Answer» DAST is independent of PROGRAMMING languages. Choose the correct option from below LIST (1)False (2)TRUE Answer:-(2)True |
|
| 2. |
____________ software development methodology characterizes security as a primary consideration throughout the processes of development and delivery o |
|
Answer» ____________ software development methodology CHARACTERIZES security as a primary consideration THROUGHOUT the processes of development and DELIVERY of software. |
|
| 3. |
_________ emphasizes increased trust, transparency, and a clearer understanding of probable risks. |
|
Answer» _________ emphasizes INCREASED trust, transparency, and a clearer UNDERSTANDING of probable risks. |
|
| 4. |
_________ simulates failure by randomly terminating clusters. |
|
Answer» _________ simulates failure by randomly terminating clusters. |
|
| 5. |
________ procedure involves integrating secure development practices and methodologies into development and deployment processes that enforce DevOps. |
|
Answer» ________ procedure INVOLVES integrating secure development practices and methodologies into development and deployment PROCESSES that ENFORCE DevOps. |
|
| 6. |
_________ approach aims to include security in each phase of the development cycle. |
|
Answer» _________ APPROACH aims to include SECURITY in each phase of the development cycle. |
|
| 7. |
DevSecOps encourages creativity and experimentation. |
|
Answer» DevSecOps ENCOURAGES creativity and experimentation. |
|
| 8. |
Which is the software development approach that first emphasized on incorporating customer feedback early and often? |
|
Answer» Which is the software development APPROACH that first emphasized on INCORPORATING customer feedback early and often? |
|
| 9. |
Threat modeling and data flow diagrams are worked upon in the _________ phase. |
|
Answer» THREAT modeling and data flow diagrams are worked upon in the _________ phase. Choose the correct OPTION from below list (1)Planning (2)OPERATING (3)Coding (4)Testing Answer:-(1)Planning |
|
| 10. |
In DevSecOps, security-related activities are the sole responsibility of the security team. |
|
Answer» In DevSecOps, SECURITY-related activities are the sole responsibility of the security team. |
|
| 11. |
____________ adds robust security practices and strategies to traditional DevOps practices. |
|
Answer» ____________ ADDS ROBUST security practices and strategies to traditional DEVOPS practices. |
|
| 12. |
In _________ approach, the code is analyzed for security vulnerabilities, while the application is run either manually or by an automated test. |
|
Answer» In _________ approach, the code is ANALYZED for security VULNERABILITIES, while the application is run either manually or by an automated test. |
|
| 13. |
Which of the following can be used to ensure the security of the CI/CD pipeline? |
|
Answer» Which of the following can be USED to ensure the security of the CI/CD pipeline? |
|
| 14. |
Which of the following is used by IaC to code more versatile and adaptive provisioning and deployment processes? |
|
Answer» Which of the following is used by IaC to code more VERSATILE and adaptive provisioning and deployment processes? |
|
| 15. |
An AppSec pipeline applies the principle of _________ into the application security program. |
|
Answer» An AppSec pipeline applies the principle of _________ into the application security program. |
|
| 16. |
Which phase involves checking the signature of binaries? |
|
Answer» Which phase INVOLVES CHECKING the signature of binaries? |
|
| 17. |
In modern software development, a large portion of code is reused from open source and third-party libraries. |
|
Answer» In MODERN software DEVELOPMENT, a LARGE portion of code is reused from open source and third-party libraries. |
|
| 18. |
What is the practice of testing the production environment continuously with different types of failure scenarios called? |
|
Answer» What is the practice of testing the production environment continuously with different TYPES of failure SCENARIOS called? |
|
| 19. |
In the DevSecOps, during which phase of the development cycle are the security aspects considered? |
|
Answer» In the DevSecOps, during which phase of the development cycle are the SECURITY aspects considered? |
|
| 20. |
SAST is also known as ____________. |
|
Answer» SAST is also known as ____________. |
|
| 21. |
RASP works as a network device. |
|
Answer» RASP works as a NETWORK device. Choose the CORRECT option from below list (1)True (2)False Answer:-(2)False |
|
| 22. |
In the AppSec pipeline, the first phase, intake process, is also known as ___________. |
|
Answer» In the AppSec pipeline, the first PHASE, intake process, is ALSO known as ___________. |
|
| 23. |
In ________ type of IT setup, developers or operations teams automatically manage and provision the technology stack for an application through softwa |
|
Answer» In ________ type of IT setup, developers or OPERATIONS teams automatically manage and provision the technology stack for an application through software. |
|
| 24. |
How many distinct areas does the AppSec pipeline comprise? |
|
Answer» How many DISTINCT areas does the AppSec pipeline COMPRISE? |
|
| 25. |
____________ software development approach aims to enhance the collaboration between the software development and the IT operations team. |
|
Answer» ____________ software development approach aims to ENHANCE the COLLABORATION between the software development and the IT operations team. |
|
| 26. |
_______ helps in meditating multi-availability zone residency regularly. |
|
Answer» _______ helps in meditating multi-availability zone RESIDENCY regularly. |
|
| 27. |
_______ helps in validating if the server can handle degradation. |
|
Answer» _______ HELPS in validating if the server can handle degradation. |
|
| 28. |
Which of the following can be considered as a sound monitoring approach? |
|
Answer» Which of the following can be CONSIDERED as a sound monitoring approach? |
|
| 29. |
Which of the following SAST tools analyze to uncover vulnerabilities? |
|
Answer» Which of the FOLLOWING SAST tools analyze to uncover vulnerabilities? |
|
| 30. |
_________ testing strategy involves feeding malformed inputs to a software. |
|
Answer» _________ testing strategy involves FEEDING MALFORMED inputs to a software. |
|
| 31. |
Which of the following is the desirable characteristic of a useful monitoring framework? |
|
Answer» Which of the following is the desirable characteristic of a useful monitoring framework? |
|
| 32. |
Which of the following security activities is carried out during the coding phase? |
|
Answer» Which of the following security activities is carried out during the CODING phase? |
|
| 33. |
Which phase of DevSecOps emphasizes reliability, performance, and scaling? |
|
Answer» Which PHASE of DEVSECOPS emphasizes reliability, performance, and scaling? |
|
| 34. |
Static Application security testing can be used to uncover issues related to operational deployment. |
|
Answer» STATIC APPLICATION security TESTING can be used to uncover issues related to operational deployment. Choose the CORRECT option from below list (1)False (2)True Answer:-(1)False |
|
| 35. |
The ________ phase highlights the shift left velocity and involves choosing security tools and solutions that integrate within the developer environme |
|
Answer» The ________ phase highlights the shift left velocity and INVOLVES CHOOSING security tools and solutions that integrate WITHIN the developer environment. |
|
| 36. |
SAST requires the application to be running. |
|
Answer» SAST requires the APPLICATION to be running. |
|
| 37. |
In SAST, during which phases are the software artifacts analyzed to uncover vulnerabilities? |
|
Answer» In SAST, during which phases are the software ARTIFACTS ANALYZED to uncover vulnerabilities? |
|