Cisco 350-901 Practice Test - Questions Answers, Page 12
Question list
List of questions
Related questions
A web application is susceptible to cross-site scripting. Which two methods allow this issue to be mitigated? (Choose two.)
Use only drop downs.
Limit user input to acceptable characters.
Encrypt user input on the client side.
Use AES encryption to secure the script.
Remove all HTML/XML tags from user input.
Refer to the exhibit.
A company has extended networking from the data center to the cloud through Transit VPC.
Which two statements describe the benefits of this approach? (Choose two.)
Dynamic routing combined with multi-AZ- deployment creates a robust network infrastructure.
VPC virtual gateways provide highly available connections to virtual networks.
Dedicated VPC simplifies load balancing by combining internal and external web services.
VPC virtual gateways provide more secure connections to virtual networks.
Dedicated VPC simplifies routing by not combining this service with other shared services.
A developer has just completed the configuration of an API that connects sensitive internal systems.
Based on company policies, the security of the data is a high priority.
Which approach must be taken to secure API keys and passwords?
Embed them directly in the code.
Store them in a hidden file.
Store them inside the source tree of the application.
Change them periodically.
Which two principles are included in the codebase tenet of the 12-factor app methodology? (Choose two.)
An application is always tracked in a version control system.
There are multiple codebases per application.
The codebase is the same across all deploys.
There can be a many-to-one correlation between codebase and application.
It is only possible to have one application deployment per codebase.
What is submitted when an SSL certificate is requested?
PEM
CRT
DER
CSR
Which two actions must be taken when an observable microservice application is developed?
(Choose two.)
Know the state of a single instance of a single service.
Place "try/except" statement in code.
Place log statements in the code.
Use distributed tracing techniques.
Deploy microservice to multiple datacenters.
Which two countermeasures help reduce the risk of playback attacks? (Choose two.)
Store data in a NoSQL database.
Implement message authentication (HMAC).
Enable end-to-end encryption.
Remove stack traces from errors.
Use short-lived access tokens.
Which type of file is created from issued intermediate, root, and primary certificates for SSL installation on a server?
DER
CSR
PEM
CRT
Which two statements describe advantages of static code analysis over unit tests? (Choose two.)
It checks for potential tainted data where input is not checked.
It enforces proper coding standards and style.
It performs a quick analysis of whether tests will pass or fail when run.
It checks for race conditions in threaded applications.
It estimates the performance of the code when run.
Refer to the exhibit.
Which additional line results in the output of Test 1 upon execution of the docker run --rm devnet 1 command in a Dockerfile with this content?
CMD ["/bin/echo", "Test"]
RUN ["/bin/echo", "Test"]
ENTRYPOINT ["/bin/echo", "Test"]
CMD ["/bin/echo Test"]
Question