Developing Applications using Cisco Core Platforms and APIs (DEVCOR) v1.0 (350-901)

Page:    1 / 7   
Total 93 questions

Into which two areas are AppDynamics APIs categorized? (Choose two.)

  • A. application-centric
  • B. analytics-events
  • C. database-visibility
  • D. platform-side
  • E. agent-side

Answer : DE

Refer to the exhibit. This script uses ciscoyang to configure two VRF instances on a Cisco IOS-XR device using the Yang NETCONF type.
Which two words are required to complete the script? (Choose two.)

  • A. ensure
  • B. commit
  • C. false
  • D. replace
  • E. none

Answer : CD

There is a requirement to securely store unique usernames and passwords. Given a valid username, it is also required to validate that the password provided is correct. Which action accomplishes this task?

  • A. Encrypt the username, hash the password, and store these values.
  • B. Hash the username, hash the password, and store these values.
  • C. Encrypt the username, encrypt the password, and store these values.
  • D. Hash the username, encrypt the password, and store these values.

Answer : A

While developing an application following the 12-factor app methodology, which approach should be used in the application for logging?

  • A. Write a log to a file in the application directory.
  • B. Write a log to a file in /var/log.
  • C. Write the logs buffered to stdout.
  • D. Write the logs unbuffered to stdout.

Answer : D

An application has initiated an OAuth authorization code grant flow to get access to an API resource on behalf of an end user.
Which two parameters are specified in the HTTP request coming back to the application as the end user grants access? (Choose two.)

  • A. access token and a refresh token with respective expiration times to access the API resource
  • B. access token and expiration time to access the API resource
  • C. redirect URI a panel that shows the list of permissions to grant
  • D. code that can be exchanged for an access token
  • E. state can be used for correlation and security checks

Answer : AB

A web application is susceptible to cross-site scripting. Which two methods allow this issue to be mitigated? (Choose two.)

  • A. Use only drop downs.
  • B. Limit user input to acceptable characters.
  • C. Encrypt user input on the client side.
  • D. Use AES encryption to secure the script.
  • E. Remove all HTML/XML tags from user input.

Answer : BD

Refer to the exhibit. A company has extended networking from the data center to the cloud through Transit VPC.
Which two statements describe the benefits of this approach? (Choose two.)

  • A. Dynamic routing combined with multi-AZ- deployment creates a robust network infrastructure.
  • B. VPC virtual gateways provide highly available connections to virtual networks.
  • C. Dedicated VPC simplifies load balancing by combining internal and external web services.
  • D. VPC virtual gateways provide more secure connections to virtual networks.
  • E. Dedicated VPC simplifies routing by not combining this service with other shared services.

Answer : BD

A developer has just completed the configuration of an API that connects sensitive internal systems. Based on company policies, the security of the data is a high priority.
Which approach must be taken to secure API keys and passwords?

  • A. Embed them directly in the code.
  • B. Store them in a hidden file.
  • C. Store them inside the source tree of the application.
  • D. Change them periodically.

Answer : D

Which two principles are included in the codebase tenet of the 12-factor app methodology? (Choose two.)

  • A. An application is always tracked in a version control system.
  • B. There are multiple codebases per application.
  • C. The codebase is the same across all deploys.
  • D. There can be a many-to-one correlation between codebase and application.
  • E. It is only possible to have one application deployment per codebase.

Answer : AE

What is submitted when an SSL certificate is requested?

  • A. PEM
  • B. CRT
  • C. DER
  • D. CSR

Answer : D

Which tow actions must be taken when an observable microservice application is developed? (Choose two.)

  • A. Know the state of a single instance of a single service.
  • B. Place “try/except†statement in code.
  • C. Place log statements in the code.
  • D. Use distributed tracing techniques.
  • E. Deploy microservice to multiple datacenters.

Answer : BC

Which two countermeasures help reduce the risk of playback attacks? (Choose two.)

  • A. Store data in a NoSQL database.
  • B. Implement message authentication (HMAC).
  • C. Enable end-to-end encryption.
  • D. Remove stack traces from errors.
  • E. Use short-lived access tokens.

Answer : BE

Which type of file is created from issued intermediate, root, and primary certificates for SSL installation on a server?

  • A. DER
  • B. CSR
  • C. PEM
  • D. CRT

Answer : C


Refer to the exhibit. Drag and drop the code snippets from the left onto the item numbers on the right that match the missing sections in the curl exhibit to complete the cURL request to FirePower Device Manager API to create objects. Not all code snippets are used.
Select and Place:

Answer :

Which two statements describe advantages of static code analysis over unit tests? (Choose two.)

  • A. It checks for potential tainted data where input is not checked.
  • B. It enforces proper coding standards and style.
  • C. It performs a quick analysis of whether tests will pass or fail when run.
  • D. It checks for race conditions in threaded applications.
  • E. It estimates the performance of the code when run.

Answer : BC

Page:    1 / 7   
Total 93 questions