ECCouncil 312-97 - Certified DevSecOps Engineer (ECDE) Exam
Page: 2 / 20
Total 100 questions
Question #6 (Topic: Exam A)
Rachel Maddow has been working at RuizSoft Solution Pvt. Ltd. for the past 7 years as a senior DevSecOps engineer. To develop software products quickly and securely, her organization has been using AWS DevOps services. On January 1, 2022, the software development team of her organization developed a spring boot application with microservices and deployed it in AWS EC2 instance. Which of the following AWS services should Rachel use to scan the AWS workloads in EC2 instance for security issues and unintended network exposures?
A. AWS WAF
B. Amazon CloudWatch
C. AWS Inspector
D. AWS Config
Answer: C
Question #7 (Topic: Exam A)
GainInsights is an IT company that develops mobile applications software. On February 11, 2022, the organization became a victim of a cyber-attack. The attacker targeted the organization’s application and compromised some important functionality. After the incident, the DevSecOps team of GainInsights identified the cause of the security issue, resolved it, and noted it for future reference. Based on this information, which of the following set of tests was conducted by GainInsights?
A. Security smoke tests
B. Security acceptance tests
C. White box testing
D. Blameless post-mortem
Answer: D
Question #8 (Topic: Exam A)
Kevin Williamson is working as a DevSecOps engineer in an IT company located in Los Angles, California. His team has integrated Jira with Jenkins to view every issue on Jira, including the status of the latest build or successful deployment of the work to an environment. Which of the following can Kevin use to search issues on Jira?
A. Java query language
B. Jira query language
C. Structured query language
D. Atlassian query language
Answer: B
Question #9 (Topic: Exam A)
William Friedkin has been working as a DevSecOps engineer in an IT company for the past 3 years. His team leader has asked him to validate the host configuration that runs the Docker containers and perform security checks at the container level by implementing Docker’s CIS Benchmark Recommendations. Therefore, William would like to integrate Docker Bench with Jenkins to incorporate security testing in DevOps workflow and secure the Docker Container. Before starting the procedure, he would like to install openssh on Ubuntu. Which of the following command should William run to install openssh on Ubuntu?
A. sudo apt-get -s install openssh-server
B. sudo apt-get install openssh-server
C. sudo apt.get install openssh-server
D. sudo apt.get -s install openssh-server
Answer: B
Question #10 (Topic: Exam A)
William O’Neil has been working as a senior DevSecOps engineer in an IT company that develops software products related to ecommerce. At this point in time, his team is working on securing a python-based application. Using GitGraber, William would like to detect sensitive information in real-time in his organizational GitHub repository. Therefore, he downloaded GitGraber and installed the dependencies. Which of the following commands should William use to find secrets using a keyword (assume the keyword is yahoo)?
A. python3 gitGraber.py -p wordlist/keywordsfile.txt -q “\yahoo\” -s
B. python3 gitGraber.py -g wordlist/keywordsfile.txt -q “\yahoo\” -s
C. python3 gitGraber.py -k wordlist/keywordsfile.txt -q “\yahoo\” -s
D. python3 gitGraber.py -w wordlist/keywordsfile.txt -q “\yahoo\” -s
Answer: D
