ExamGecko
Search Search Login
Home Home / Cisco / 300-910
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Refer to the exhibit. An organization has issues with code-based failures after implementing a CI/CD pipeline to automate the builds and deployment phases of an application. Which action must be added to the pipeline, after the application is deployed in the staging environment to minimize failures and to ensure a successful continuous deployment?
When DevOps practices are integrated into an existing organization, which two characteristics are positive indicators of DevOps maturity? (Choose two.)
DRAG DROP Drag and drop the operations from the left into the correct order on the right when using CI/CD, assuming that there are no failures or conflicts.
DRAG DROP The IaC configuration for an application is being deployed using a CI/CD pipeline. Drag and drop the steps for this pipeline from the left into the correct order that they would be executed on the right. Not all options are used.
An IT team plans to deploy a new service built on top of an existing service. The capacity needed for the new service is difficult to estimate because the demand for the new service is undetermined. The team has these deployment requirements: • A subset of the users of the original service must be migrated to the new service based on their profile • The new service must be rolled back easily if capacity exceeds estimates Which deployment strategy must be used?
An application is being developed to be used by the HR department of a company on a global scale. The application will be used as a central repository for employee contracts. For user access, a RADIUS server will be used with authorized user groups. Which action must be used to prevent developers from accidentally committing secrets in the code?
An organization is developing an application using Git. Each team member is assigned to work on specific parts of the application. At the end of each task, individual code parts are merged in the main build. Which two requirements should be implemented to increase the likelihood of continuous integration? (Choose two.)
Which two statements about Infrastructure as Code are true? (Choose two.)
What is a principle of chaos engineering?
DRAG DROP Refer to the Exhibit. Drag and drop the code snippets from the bottom onto the boxes in the code in the Ansible playbook to restart multiple services in the correct sequence Not all options are used

Question 62 - 300-910 discussion

Report
Export

A security team is running vulnerability scans against a CI/CD pipeline. The reports show that RDBMS secrets were found hardcoded in Ansible scripts. The RDBMS resides in the internal network but is accessible from a jump server that resides in a public network.

If an attacker gains access to the scripts, what is the risk exposure?

A.

The Automation server is at risk of being compromised.

Answers
A.

The Automation server is at risk of being compromised.

B.

The Ansible scripts run through encrypted SSH connections.

Answers
B.

The Ansible scripts run through encrypted SSH connections.

C.

The internal network is at risk of being compromised.

Answers
C.

The internal network is at risk of being compromised.

D.

The entire CI/CD-related infrastructure is at risk.

Answers
D.

The entire CI/CD-related infrastructure is at risk.

Suggested answer: C

Explanation:

The internal network is at risk of being compromised if an attacker gains access to the Ansible scripts, as the scripts contain hardcoded secrets for the RDBMS which is accessible from a jump server in a public network. This presents a risk as the secrets can be used to gain access to the RDBMS, and from there, the attacker could potentially gain access to the internal network. Additionally, the entire CI/CD-related infrastructure could be at risk if the attacker is able to gain access to the RDBMS, as they could potentially manipulate the data or scripts in order to cause disruption or damage.

Show Answer
asked 10/10/2024
John Ordonez
30 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms