ExamGecko
Search Search Login
Home Home / Cisco / 300-910
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Refer to the exhibit. An organization has issues with code-based failures after implementing a CI/CD pipeline to automate the builds and deployment phases of an application. Which action must be added to the pipeline, after the application is deployed in the staging environment to minimize failures and to ensure a successful continuous deployment?
When DevOps practices are integrated into an existing organization, which two characteristics are positive indicators of DevOps maturity? (Choose two.)
An IT team plans to deploy a new service built on top of an existing service. The capacity needed for the new service is difficult to estimate because the demand for the new service is undetermined. The team has these deployment requirements: • A subset of the users of the original service must be migrated to the new service based on their profile • The new service must be rolled back easily if capacity exceeds estimates Which deployment strategy must be used?
DRAG DROP Drag and drop the operations from the left into the correct order on the right when using CI/CD, assuming that there are no failures or conflicts.
DRAG DROP The IaC configuration for an application is being deployed using a CI/CD pipeline. Drag and drop the steps for this pipeline from the left into the correct order that they would be executed on the right. Not all options are used.
An application is being developed to be used by the HR department of a company on a global scale. The application will be used as a central repository for employee contracts. For user access, a RADIUS server will be used with authorized user groups. Which action must be used to prevent developers from accidentally committing secrets in the code?
An organization is developing an application using Git. Each team member is assigned to work on specific parts of the application. At the end of each task, individual code parts are merged in the main build. Which two requirements should be implemented to increase the likelihood of continuous integration? (Choose two.)
What is a principle of chaos engineering?
DRAG DROP Refer to the Exhibit. Drag and drop the code snippets from the bottom onto the boxes in the code in the Ansible playbook to restart multiple services in the correct sequence Not all options are used
DRAG DROP A DevOps engineer is designing a precheck validation of the network state in a CI/CD pipeline and must implement this workflow: • Take a source Docker image named alpine • Define two stages named build and push • Check network connectivity before the stages run • Fetch the latest Docker image • Create a new Docker image and push it to the registry • Tag the new Docker image as the latest version Drag and drop the code snippets from the bottom onto the boxes in the GitLab CI configuration to achieve the requirements for the design. Not all options are used.

Question 2 - 300-910 discussion

Report
Export

Which two practices help make the security of an application a more integral part of the software development lifecycle? (Choose two.)

A.

Add a step to the CI/CD pipeline that runs a dynamic code analysis tool during the pipeline execution.

Answers
A.

Add a step to the CI/CD pipeline that runs a dynamic code analysis tool during the pipeline execution.

B.

Add a step to the CI/CD pipeline that runs a static code analysis tool during the pipeline execution.

Answers
B.

Add a step to the CI/CD pipeline that runs a static code analysis tool during the pipeline execution.

C.

Use only software modules that are written by the internal team.

Answers
C.

Use only software modules that are written by the internal team.

D.

Add a step to the CI/CD pipeline to modify the release plan so that updated versions of the software are made available more often.

Answers
D.

Add a step to the CI/CD pipeline to modify the release plan so that updated versions of the software are made available more often.

E.

Ensure that the code repository server has enabled drive encryption and stores the keys on a Trusted Platform Module or Hardware Security Module.

Answers
E.

Ensure that the code repository server has enabled drive encryption and stores the keys on a Trusted Platform Module or Hardware Security Module.

Suggested answer: A, B

Explanation:

Adding a step to the CI/CD pipeline that runs a dynamic code analysis tool and a static code analysis tool during the pipeline execution helps make the security of an application a more integral part of the software development lifecycle.

Dynamic code analysis tools search for coding errors and vulnerabilities while the application is running, while static code analysis tools scan the source code for potential errors and vulnerabilities. This ensures that any security issues are identified and addressed before the application is deployed. Additionally, using automated tools helps to reduce the amount of manual effort required for security testing and can reduce the risk of security flaws being introduced.

Show Answer
asked 10/10/2024
Alvin Thomas
46 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms