Scribd
Upload
10K views2 pages

Devops Security

DevSecOps considers security aspects throughout the application lifecycle. It aims to include security in each phase of the development cycle using a shift left security approach. Dynamic Application Security testing, also known as black box testing, analyzes the running application without source code. Monitoring approaches like SIEM can provide sound monitoring.

Uploaded by

ADHIRAJ SINGH
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
10K views2 pages

Devops Security

DevSecOps considers security aspects throughout the application lifecycle. It aims to include security in each phase of the development cycle using a shift left security approach. Dynamic Application Security testing, also known as black box testing, analyzes the running application without source code. Monitoring approaches like SIEM can provide sound monitoring.

Uploaded by

ADHIRAJ SINGH
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 2

1.

In the DevSecOps, during which phase of the development cycle are the security
aspects considered? -throuhout the application lifecycle

2.____________ software development approach aims to enhance the collaboration


between the software development and the IT operations team. -DevOps

3.Which phase of DevSecOps emphasizes reliability, performance, and scaling?-


security

4.In DevSecOps, security-related activities are the sole responsibility of the


security team.-false

5.Which is the software development approach that first emphasized on incorporating


customer feedback early and often-Agile

6.Which phase involves checking the signature of binaries?-operate

7._________ approach aims to include security in each phase of the development


cycle.-Shift Left security

8.Which of the following can be used to ensure the security of the CI/CD pipeline?-
all

9.How many distinct areas does the AppSec pipeline comprise?-Four

10.An AppSec pipeline applies the principle of _________ into the application
security program.-DevOps and Lean

12. SAST is also known as ____________.-white box testing

13._______ helps in meditating multi-availability zone residency regularly.-chaos


gorilla

14. SAST requires the application to be running.-false

15.Static Application security testing can be used to uncover issues related to


operational deployment.false

16.Which of the following SAST tools analyze to uncover vulnerabilities?All

17.Which of the following is an advantage of DevSecOps?All

18.In ________ type of IT setup, developers or operations teams automatically


manage and provision the technology stack for an application through software.-
infrastructure as code

19. In _________ approach, the code is analyzed for security vulnerabilities, while
the application is run either manually or by an automated test. iast

20.____________ software development methodology characterizes security as a


primary consideration throughout the processes of development and delivery of
software. Rugged DevOps

21.______ helps in validating if the server can handle degradation.-latency monkey

22. Dynamic Application Security testing is also known as __________-black box


testing
23. Which of the following can be considered as a sound monitoring approach?- siem

24. RASP works as a network device.false

You might also like