Chapter 6 Application deployment and security Flashcards

1
Q

Typically, large organizations use a four-tier structure

A

Development, testing, staging, and production.

2
Q

What are the most common deployment models?

A
  • Bare Metal
  • Virtual Machine
  • Container-based infrastructure
  • Serverless computing
3
Q

Is software that creates and manages VMs

A

Hypervisor

4
Q

The total amount of virtual memory allocated to these three VMs is greater than the amount of RAM available on the host machine. This is called

A

Overcommitting

5
Q

What are the types of infrastructure?

  1. On-Premises
  2. On-Line
  3. Private Cloud
  4. Working-Cloud
  5. Public-Cloud
  6. Hybrid-Cloud
  7. Static-Cloud
  8. Edge-Cloud
A

1, 2, 3, 5, 6, 7

6
Q

Infrastructure: any system that is literally within the confines of your building

A

On-premises

7
Q

Infrastructure that is a system that provides self-service provisioning for compute resources, networking, and storage.

A

Private Cloud

8
Q

Infrastructure that is gaining popularity because of the growth of the Internet of Things (IoT). These connected devices, such as connected cameras, autonomous vehicles, and even smartphones, increasingly benefit from computing power that exists closer to them on the network.

A

Edge Cloud

9
Q

Is a format that wraps a number of different technologies to create what we know today as containers

A

Docker

10
Q

Is a philosophy for software deployment that figures prominently in the field of DevOps. DevOps itself is about communication and making certain that all members of the team are working together to ensure smooth operation.

A

Continuous Integration/Continuous Deployment (CI/CD)

11
Q

In CI/CD, in order to avoid impacting users, or at least to limit the impact, you can use deployment strategies such as:

A
  • Rolling upgrade
  • Canary pipeline
  • Blue-green deployment
12
Q

Deployment strategy: in this case, the new version is rolled out to a subset of users (or servers, depending on the architecture). If these users experience problems, the changes can be easily rolled back. If these users do not experience problems, the changes are rolled out to the rest of production.

A

Canary pipeline

13
Q

This is the most straightforward version of Continuous Delivery, in which changes are periodically rolled out in such a way that they do not impact current users, and nobody should have to “reinstall” the software.

A

Rolling upgrade

14
Q

In this case, an entirely new environment (Blue) is created with the new code on it, but the old environment (Green) is held in reserve. If users on the new environment experience problems, traffic can be diverted back to the original environment

A

Blue / Green deployment

15
Q

Integration with Agile methodology
Shorter mean time to resolution
Automated deployment
Less disruptive feature releases
Improve quality
Improve time to market

A

CI/CD Benefits

16
Q

What are some of the applications you need to consider when it comes to cloud deployment:

A
  • Firewalls
  • Load balancers
  • DNS
  • Reverse proxies
17
Q

Different ways that a load balancer manages a particular request:

A
  • Persist session
  • Round robin
  • Least connection
  • IP hash
18
Q

Works to make sure responses look like they all come from the same server.

A

Reverse Proxy

19
Q

is a code injection technique that is used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). SQL injection must exploit a security vulnerability in an application’

A

SQL Injection

20
Q

Examples of SQL Injection detection tools

A
  • SQLmap
  • SQLninja
21
Q

Are designed to analyze source code and/or compiled versions of code to help find security flaws.

A

Static Application Security Testing (SAST)

22
Q

Detect SQL injections based on the number of invalid queries from a host, while there are OR and UNION blocks inside of the request, or others.

A

Database firewalls

23
Q

This coding style allows the database to distinguish between code and data, regardless of what user input is supplied.

A

Use prepared statements

24
Q

Happen when user-submitted content that has not been sanitized is displayed to other users. The most obvious version of this exploit is where one user submits a comment that includes a script that performs a malicious action, and anyone who views the comments page has that script executed on their machine.

A

Cross-Site Scripting (XSS)

25
Q

Sometimes pronounced “Sea Surf.” In both cases, the attacker intends for the user to execute the attacker’s code, usually without even knowing it. The difference is that CSRF attacks are typically aimed not at the target site, but rather at a different site, one into which the user has already authenticated.

A

Cross-Site Request Forgery (CSRF)

26
Q

Refers to “chopping something into small pieces” to make it look like a “confused mess”.

A

Hashing

27
Q

A company has remote employees who need to connect to the company network in order to participate in meetings and to share the data and progress of application development. Which data transportation security technique can be implemented to allow remote employees to securely connect to the company private network?

A

Virtual Private Network (VPN)

28
Q

What type of test is used to identify the possible weak spots in applications, servers,
or networks?
a. Pen
b. White box
c. Eraser
d. Unit

A

A

29
Q

Which of the following is a tool that can be used for network discovery and security
auditing?
a. Nslookup
b. Nmap
c. ps
d. curl

A

B

30
Q

What is the minimum number of identity components MFA uses to authenticate a
user’s identity?
a. One
b. Two
c. Three
d. Four

A

B

31
Q

Which of the following is used for fingerprinting of data to detect whether the data
has been modified?
a. Private key
b. Public key
c. One-way hash
d. Certificate

A

A,C

32
Q

Data needs to be secured in multiple locations. Which of the following are the correct
locations?
a. Memory, storage, and network
b. Flash, wire, and optics
c. Hard disk, database, and analytics
d. AWS, Google Cloud, and Azure

A

A

33
Q

Which modes best describe IDSs and IPSs, respectively?
a. Passive, passive
b. Passive, active
c. Active, passive
d. Active, active

A

B

34
Q

Which characteristic matches an SaaS deployment model?
a. Provider deploys your software customizations.
b. Any update to the software requires a new license.
c. You can recommend tweaks to the underlying infrastructure.
d. None of the above

A

D

35
Q

Which is a good deployment model for real-time IoT sensors?
a. SaaS model
b. Edge computing model
c. Private cloud model
d. Hybrid cloud model

A

B

36
Q

In which of the following ways are containers different from virtual machines?
(Choose two.)
a. Containers have less storage requirements than VMs.
b. VMs can run any operating system, but containers run only on Linux.
c. Containers start in 500 ms, and VMs start in minutes.
d. VMs are better if you have a microservice architecture.

A

A,C

37
Q

Which deployment method is best for processes that are run periodically?
a. Serverless
b. Containers
c. Virtual machines
d. All of the above

A

A

38
Q

What is the second way of DevOps?
a. Automation
b. Continuous learning and experimentation
c. Culture
d. Feedback loop

A

D

39
Q

What is continuous integration?
a. Automated software delivery and deployment
b. An Agile software development technique
c. The process of merging development work with the code base for automated
testing
d. None of the above

A

C

40
Q

A Docker image uses what type of file system?
a. Layered file system
b. NFS
c. XFS
d. Union file system

A

D

41
Q

What command do you use to launch an nginx container on port 80 of the host file
system?
a. docker image build -p 80 nginx
b. docker start -it -d nginx -p 80|80
c. docker container run -p 80:80 -d nginx
d. None of the above

A

C

42
Q
  • Cost
  • Scalability
  • Easy to use and write code for
A

Advantages of serverless deployment