Questions for the DEVSECOPS were updated on: Dec 01, 2025
Page 1 out of 3. Viewing questions 1-15 out of 40
Question 1
Which of the following BEST describes a key characteristic of a lesson learned that ensures it will be used to reduce or eliminate the potential for failures and future mishaps?
A. It is valid in factual and technical correctness
B. It is a confirmed historical act or outcome
C. The majority of stakeholders believe the data to be true
D. A third party has identified the past activity as significant
Answer:
A
Question 2
Visual, tactile, and auditory are modalities of formal learning. Which of the following is BEST described as the fourth major modality of formal learning?
A. Story based
B. Kinesthetic
C. Demonstration
D. Observe live
Answer:
D
Question 3
How can in-house security experts BEST support DevSecOps in the organization?
A. Transform themselves into coaches and tool smiths
B. Get involved in the SDLC before a service goes live
C. Attend trainings to enhance practical security skills
D. Perform regular security assessments and pen tests
Answer:
B
Question 4
Which of the following is BEST described by the statement "containers that access all disks mounted on the host and have read-write access to files"?
A. A risk of using privileged containers
B. A benefit of container credentials
C. A requirement for container isolation
D. A need for container immutability
Answer:
C
Question 5
Monitoring detected that a batch job started and completed at specific times. Which of the following is the MOST appropriate response to this event?
A. No action is immediately required
B. Operations is notified to investigate
C. An incident is logged to record the runtime
D. A management escalation notification is triggered
Answer:
B
Question 6
Which of the following BEST describes the proper order of the main stages of continuous integration and continuous delivery?
A. Develop, commit, build, test, provision, release, and deploy
B. Design, develop, build, test, provision, deploy, and release
C. Develop, commit, build, test, provision, deploy, and release
D. Design, develop, build, test, provision, release, and deploy
Answer:
B
Question 7
Which of the following BEST fills in the blank? "In DevSecOps environments, information security is __________ as much as possible into the daily work of development and operations."
A. Designed
B. Embedded
C. Integrated
D. Automated
Answer:
A
Question 8
Which of the following BEST describes automated security testing?
A. Ensures that automated orchestration and provisioning software covers the scope of the application stack
B. Ensures that continuous delivery pipelines integrate testing suites and capabilities into their toolchains
C. Ensures that infrastructure and networks are software defined to enable rapid and reliable deployments
D. Ensures that applications are developed to deliver the expected results and reveal any programming errors early
Answer:
C
Question 9
Which of the following is NOT a security requirement unique to mobile applications?
A. Source code must be checked for programmatic and stylistic errors
B. Secrets information must be stored for secure back-end service calls
C. They must be designed to run safely outside of the secure network
D. Data must be kept secure to prevent leaking to other applications
Answer:
A
Question 10
Which of the following BEST describes a public key cryptography architecture?
A. A person sends a message that is encrypted by using their private key, and the receiver must also use that private key to decipher the message.
B. Messages are encrypted into cipher text and then are deciphered upon receipt by using a pair of public keys.
C. Messages are encrypted into cipher text and then are deciphered upon receipt by using a pair of secure private keys.
D. A person sends a message that is encrypted by the use of a public key, and the receiver can decipher the message using their private key.
Answer:
C
Question 11
Which of the following BEST describes the goals of phishing? 1. Update web browser 2. Install risky malware 3. Steal key user data 4. Push new products
A. 1 and 2
B. 2 and 3
C. 3 and 4
D. 1 and 4
Answer:
B
Question 12
Which of the following BEST describes an example of technical or design debt when designing for defensibility?
A. Not prioritizing the set of critical customer features in the current sprint
B. Not including the addition of security controls in the definition of done
C. Not developing comprehensive documentation and training material
D. Not establishing all the product requirements prior to the first iteration
Answer:
B
Question 13
Which of the following BEST describes how the security principle of validation of a user's access and actions differs within a DevSecOps mindset versus a more traditional approach to this principle?
A. The act of validation is at the point of access
B. The act of validation is at the point of request
C. The act of validation is continuous and ongoing
D. The act of validation focuses on credentials
Answer:
C
Question 14
Which of the following BEST describes a responsibility of a security champion?
A. Testing
B. Inspiration
C. Development
D. Monitoring
Answer:
B
Question 15
None
A. Ensures that customer input into functional requirements is translated into descriptive user stories
B. Ensures that the software is designed and written to support integrity and compliance requirements
C. Ensures that the Agile definition of done includes both functional and nonfunctional requirements for value
D. Ensures that architectural resilience is built into software design to ensure high availability requirements