ECCouncil EC-Council Certified DevSecOps Engineer (ECDE) (312-97) Free Practice Test
Question 1
(Trevor Noah has been working as a DevSecOps engineer in an IT company located in Detroit, Michigan. His team leader asked him to perform continuous threat modeling using ThreatSpec. To do so, Trevor installed and initialized ThreatSpec in the source code repository; he then started annotating the source code with security issues, actions, or concept. Trevor ran ThreatSpec against the application code and he wants to generate the threat model report. Which of the following command Trevor should use to generate the threat model report using ThreatSpec?.)
Correct Answer: B
Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).
Question 2
(PentaByte is a software product development company located in Austin, Texas. The organization would like to secure communication methods to maintain confidentiality and security. How can PentaByte achieve secure by communication secure coding principle?)
Correct Answer: A
Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).
Question 3
(Nicholas Cascone has recently been recruited by an IT company from his college as a DevSecOps engineer.
His team leader asked him to integrate GitHub Webhooks with Jenkins. To integrate GitHub Webhooks with Jenkins, Nicholas logged in to GitHub account; he then selected Settings > Webhooks > Add Webhook. In the Payload URL field, he is supposed to add Jenkins URL. Which of the following is the final Jenkins URL format that Nicholas should add in Payload URL field of GitHub to configure GitHub Webhooks with Jenkins?.)
His team leader asked him to integrate GitHub Webhooks with Jenkins. To integrate GitHub Webhooks with Jenkins, Nicholas logged in to GitHub account; he then selected Settings > Webhooks > Add Webhook. In the Payload URL field, he is supposed to add Jenkins URL. Which of the following is the final Jenkins URL format that Nicholas should add in Payload URL field of GitHub to configure GitHub Webhooks with Jenkins?.)
Correct Answer: D
Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).
Question 4
(Brett Ryan has been working as a senior DevSecOps engineer in an IT company in Charleston, South Carolina. He is using git-mutimail tool to send email notification for every push to git repository. By default, the tool will send one output email providing details about the reference change and one output email for every new commit due to a reference change. How can Brett ensure that git-multimail is set up appropriately?)
Correct Answer: C
Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).
Question 5
(Victor Garber is a DevSecOps team leader in SanSec Pvt. Ltd. His organization develops various types of software products and web applications. Currently, his team is working on security of Java-based web application product. How can Victor identify vulnerabilities that are missed in pre-production testing activities?.)
Correct Answer: B
Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).
Question 6
(Steven Smith has been working as a DevSecOps engineer in an IT company that develops software products related to the financial sector. His team leader asked him to integrate Conjur with Jenkins to secure the secret credentials. Therefore, Steven downloaded Conjur.hpi file and uploaded it in the Upload Plugin section of Jenkins. He declared host and layers, and declared the variables. Which of the following commands should Steven use to set the value of variables?)
Correct Answer: D
Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).
Question 7
(Richard Branson has been working as a DevSecOps engineer in an IT company since the past 7 years. He has launched an application in a container one month ago. Recently, he modified the container and would like to commit the changes to a new image. Which of the following commands should Branson use to save the current state of the container as a new image?.)
Correct Answer: C
Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).
Question 8
(Erica Mena has been working as a DevSecOps engineer in an IT company that provides customize software solutions to various clients across United States. To protect serverless and container applications with RASP, she would like to create an Azure container instance using Azure CLI in Microsoft PowerShell. She created the Azure container instance and loaded the container image to it. She then reviewed the deployment of the container instance. Which of the following commands should Erica run to get the logging information from the Azure container instance? (Assume the resource group name as ACI and container name as aci-test- closh.))
Correct Answer: C
Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).
Question 9
(Christopher Brown has been working as a DevSecOps engineer in an IT company that develops software and web applications for an ecommerce company. To automatically detect common security issues and coding error in the C++ code, she performed code scanning using CodeQL in GitHub. Which of the following entries will Christopher find for CodeQL analysis of C++ code?)
Correct Answer: A
Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).