Chapter 2 Integrating Software Applications into Enterprise Mark B Flashcards

1
Q

Which of the following is a container API?

A. VMware
B. Kubernetes
C. Hyper-V
D. Docker

A

B. Kubernetes

2
Q

Why would a company adopt secure coding standards?

A. To ensure most privilege
B. To adhere to the principle of least privilege
C. To sanitize data sent to other systems
D. To practice defense in depth
E. To deploy effective QA techniques

A

B. To adhere to the principle of least privilege
C. To sanitize data sent to other systems
D. To practice defense in depth
E. To deploy effective QA techniques

3
Q

Why does Microsoft have an application vetting process for Windows Store applications?

A. To ensure products are marketable
B. To ensure applications are stable and secure
C. To make sure patches will be made available
D. To ensure HTTP is used instead of HTTPS

A

B. To ensure applications are stable and secure

4
Q

What is most important for a development team validating third party libraries?

A. Third party libraries may have vulnerabilities
B. Third party libraries may be incompatible
C. Third party libraries may not support DNSSEC
D. Third party libraries may have licensing restrictions

A

A. Third party libraries may have vulnerabilities
D. Third party libraries may have licensing restrictions

5
Q

What is the advantage of using the DevOps pipeline methodology?

A. Long lead times
B. Extensive pre deployment testing
C. Continuous delivery
D. Siloed operations and development environments

A

C. Continuous delivery

6
Q

What is the importance of software code signing?

A. Encrypted code modules
B. Software QA
C. Software integrity
D. Software agility

A

B. Software QA

7
Q

Which of the following is a common tool used to perform Dynamic Application Security Testing (DAST)?

A. Network enumerator
B. Sniffer
C. Fuzzer
D. WiFi Analyzer

A

C. Fuzzer

8
Q

What type of code must we have to perform Static Application Security Testing (SAST)?

A. Compiled Code
B. Dynamic Code
C. Source Code
D. Binary Code

A

C. Source Code

9
Q

What will my sales team use to manage sales opportunities?

A. CRM
B. ERP
C. CMDB
D. DNS

A

A. CRM

10
Q

What would be a useful tool to integrate all business functions within an enterprise?

A. CRM
B. ERP
C. CMDB
D. DNS

A

B. ERP

11
Q

What would be a useful tool to track all configurable assets within an enterprise?

A. CRM
B. ERP
C. CMDB
D. DNS

A

C. CMDB

12
Q

How can I ensure content is made accessible to the appropriate users through my web-based portal?

A. CRM
B. CMS
C. CMDB
D. CCMP

A

B. CMS

13
Q

How can I protect my DNS servers from cache poisoning?

A. DMARC
B. DNSSEC
C. Strict Transport Security
D. IPSec

A

B. DNSSEC

14
Q

What is it called when software developers break up code into modules, each one being an independently functional unit?

A. SOA
B. ESB
C. Monolithic Architecture
D. Legacy Architecture

A

A. SOA

15
Q

What is the most important consideration when planning for system end of life?

A. To ensure systems can be repurposed
B. To ensure there are no data remnants
C. To comply with environmental standards
D. To ensure systems do not become obsolete

A

B. To ensure there are no data remnants

16
Q

What type of software testing is used when there has been a change within the existing environment?

A. Regression testing
B. Pentesting
C. Requirements validation
D. Release Testing

A

A. Regression testing

17
Q

What is it called when the development and operations teams work together to ensure that code released to the production environment is secure?

A. DevOps
B. Team building exercises
C. Tabletop exercises
D. SecDevOps

A

D. SecDevOps

18
Q

What software development approach would involve regular meetings with the customer and developers throughout the development process?

A. Agile
B. Waterfall
C. Spiral
D. Build and Fix

A

A. Agile

19
Q

What software development approach would involve meeting with the customer and developers at the definition stage and then at the end of the development process?

A. Agile
B. Waterfall
C. Spiral
D. Build and Fix

A

B. Waterfall

20
Q

What software development approach would involve meetings with the customer and developers at the end of a development cycle, allowing for changes to be made for the next iteration?

A. Agile
B. Waterfall
C. Spiral
D. Build and Fix

A

C. Spiral

21
Q

Where will we ensure the proper HTTP headers are configured?

A. Domain Controller
B. DNS Server
C. Web Server
D. Mail Server

A

C. Web Server