2.3 Secure Deployments / Automation and Scripting Flashcards
What is the best way to confirm the secure baseline of a deployed application instance?
Perform an integrity measurement. These should be performed often and checked against well-defined baselines. If a measurement fails, it requires immediate correction.
What is an integrity measurement?
It’s a check for the secure baseline of:
Firewall settings
Patch levels
OS versions
Any other security components associated with the application
Where is the best place to test and incrementally develop code/applications?
Sandbox
What team verifies that features and functionality of an application are working properly?
The QA team
What is the final area of the testing before the application goes to the production environment?
The Staging environment
What is the Staging environment?
This is an area that acts much like the production environment. It will even use copies of production data to test the app. Performance, usability and features will be tested.
What kind of challenges arise when the new app is deployed?
You may have to train users on the new app or its features. There may also be logistical challenges, such as deploying new servers or new software, or interrupting service.
Because application development is a constantly changing process, what can we do to plan for those changes?
We can implement automation and scripting to help us react to problems that may occur when the app is executed.
What is continuous monitoring?
Maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions.
What is continuous integration?
A DevOps software development practice where developers regularly merge their code changes into a central repository, after which automated builds and tests are run.
What is continuous delivery?
Continuous delivery is an extension of continuous integration since it automatically deploys all code changes to a testing and/or production environment after the build stage.
This means that on top of automated testing, you have an automated release process and you can deploy your application any time by clicking a button.
What is continuous deployment?
Continuous deployment goes one step further than continuous delivery. With this practice, every change that passes all stages of your production pipeline is released to your customers. There’s no human intervention, and only a failed test will prevent a new change from being deployed to production.