312-97 Practice Questions
EC-Council Certified DevSecOps Engineer (ECDE)
Last Update 1 day ago
Total Questions : 100
Dive into our fully updated and stable 312-97 practice test platform, featuring all the latest ECDE exam questions added this week. Our preparation tool is more than just a ECCouncil study aid; it's a strategic advantage.
Our free ECDE practice questions crafted to reflect the domains and difficulty of the actual exam. The detailed rationales explain the 'why' behind each answer, reinforcing key concepts about 312-97. Use this test to pinpoint which areas you need to focus your study on.
(William Scott, after completing his graduation in computer science, joined an IT company as a DevSecOps engineer. His team leader has asked him to use GitHub Code Scanning for evaluating the source code in his organization’s GitHub repository to detect security issues and coding errors. How can William set up coding scanning in GitHub repository?)
(Terry Crews has been working as a DevSecOps engineer at an IT company that develops software products and web applications related to IoT devices. She integrated Sqreen RASP tool with Slack for sending notifications related to security issues to her team. How can Sqreen send notification alerts to Slack?)
(Charles Rettig has been working as a DevSecOps engineer in an IT company that develops software and web applications for IoT devices. He integrated Burp Suite with Jenkins to detect vulnerabilities and evaluate attack vectors compromising web applications. Which of the following features offered by Burp Suite minimizes false positives and helps detect invisible vulnerabilities?)
(Joyce Vincent has been working as a senior DevSecOps engineer at MazeSoft Solution Pvt. Ltd. She would like to integrate Trend Micro Cloud One RASP tool with Microsoft Azure to secure container-based application by inspecting the traffic, detecting vulnerabilities, and preventing threats. In Microsoft Azure PowerShell, Joyce created the Azure container instance in a resource group (ACI) (named “aci-test-closh”) and loaded the container image to it. She then reviewed the deployment of the container instance. Which of the following commands should Joyce use to get the logging information from the container?.)
(Elizabeth Moss has been working as a DevSecOps engineer in an IT company located in San Diego, California. Due to the robust security and cost-effective service provided by AWS, her organization transferred all the workloads from on-prem to AWS cloud in 2017. Elizabeth would like to prevent committing AWS keys into repositories; therefore, she created a global git-templates directory using command line. Then, she created another directory, named it as hooks, wherein she created a file named pre-commit. In the pre-commit file, Elizabeth pasted the script that would prevent committing AWS keys into the repositories. She would like to ensure that the hook is executable. Which of the following command should Elizabeth run to make sure that the pre-commit hook is executable?)
(Sarah Wheeler is an experienced DevSecOps engineer. She recently joined an IT company that develops software products for customers stretched across the globe. Sarah would like to use a security testing tool that protects the application from false positives, network sniffing, tampering with code, etc. The tool should monitor the incoming traffic to the server and APIs for suspicious activities and help her team in remediating them during runtime. Which of the following tools should Sarah select that will help her team in precisely detecting and remediating the security issues in the application code during runtime?.)
(Lara Grice has been working as a DevSecOps engineer in an IT company located in Denver, Colorado. Her team leader has told her to save all the container images in the centos repository to centos-all.tar. Which of the following is a STDOUT command that Lara can use to save all the container images in the centos repository to centos-all.tar?.)
(Erica Mena has been working as a DevSecOps engineer in an IT company that provides customize software solutions to various clients across United States. To protect serverless and container applications with RASP, she would like to create an Azure container instance using Azure CLI in Microsoft PowerShell. She created the Azure container instance and loaded the container image to it. She then reviewed the deployment of the container instance. Which of the following commands should Erica run to get the logging information from the Azure container instance? (Assume the resource group name as ACI and container name as aci-test-closh.))
(Kevin Williamson is working as a DevSecOps engineer in an IT company located in Los Angles, California. His team has integrated Jira with Jenkins to view every issue on Jira, including the status of the latest build or successful deployment of the work to an environment. Which of the following can Kevin use to search issues on Jira?)
(Kevin Ryan has been working as a DevSecOps engineer in an MNC company that develops various software products and web applications. For easy management of secret credentials in CI/CD pipeline, he would like to integrate Azure Key Vault with Jenkins. Therefore, he created an Azure Key Vault, noted down the credentials displayed on the screen, and created a secret in Azure Key Vault. Then, he used the secret key from the credentials obtained from creating the vault. Kevin went back to Jenkins and installed Azure Key Vault plugin. Then, he navigated to Configure System under Manage Jenkins and added the URL for Azure Key Vault. How can Kevin complete the integration of Azure Key Vault with Jenkins?.)
