312-97 Practice Questions
EC-Council Certified DevSecOps Engineer (ECDE)
Last Update 1 day ago
Total Questions : 100
Dive into our fully updated and stable 312-97 practice test platform, featuring all the latest ECDE exam questions added this week. Our preparation tool is more than just a ECCouncil study aid; it's a strategic advantage.
Our free ECDE practice questions crafted to reflect the domains and difficulty of the actual exam. The detailed rationales explain the 'why' behind each answer, reinforcing key concepts about 312-97. Use this test to pinpoint which areas you need to focus your study on.
(Brady Coleman is a senior DevSecOps engineer at CloudVac Security Private Ltd. He has created a new container named “eccbrad” from the centos:7 image using the command docker run -i -t --name geeklab centos:7 /bin/bash. Now, Brady wants to install the httpd package inside the eccbrad container. Which of the following commands should Brady use to install the httpd package inside the container?)
(Bruce Altman is a DevSecOps engineer at a web application development company named TechSoft Pvt. Ltd. Due to robust security features provided by Microsoft Azure, in January of 2020, his organization migrated all the workloads from on-prem to Azure. Using Terraform configuration management tool, Bruce created a resource group and virtual machine (VM) in Azure; he then deployed a web application in the VM. Within an hour, Bruce’s team leader informed him that he detected various security issues in the application code and asked him to destroy the infrastructure that he has created in Microsoft Azure using Terraform. Which of the following commands can Bruce use to destroy the infrastructure created using Terraform?.)
(DWART is an IT company that develops cyber security software and web applications. The organization ensures that all users should be identified and authorized, enforces proper auditing, secures data at rest, ensures that the attacker cannot bypass the security layers, implements multiple layers of defense, maintains proper data integrity, and performs proper input validation for the application. Based on the above-mentioned information, which of the following secure coding principles is achieved by DWART?.)
(Matt LeBlanc has been working as a DevSecOps engineer in an IT company that develops software products and web applications for IoT devices. His team leader has asked him to use GitRob tool to find sensitive data in the organizational public GitHub repository. To install GitRob, Matt ensured that he has correctly configured Go >= 1.8 environment and that $GOPATH/bin is in his $PATH. The GitHub repository URL from which he is supposed to install the tool ishttps://github.com/michenriksen/gitrob . Which of the following command should Matt use to install GitRob?.)
(Brett Ryan has been working as a senior DevSecOps engineer in an IT company in Charleston, South Carolina. He is using git-mutimail tool to send email notification for every push to git repository. By default, the tool will send one output email providing details about the reference change and one output email for every new commit due to a reference change. How can Brett ensure that git-multimail is set up appropriately?)
(Peter Dinklage has been working as a senior DevSecOps engineer at SacramentSoft Solution Pvt. Ltd. He has deployed applications in docker containers. His team leader asked him to check the exposure of unnecessary ports. Which of the following commands should Peter use to check all the containers and the exposed ports?)
(Curtis Morgan has been working as a software developer in an MNC company. His team has developed a NodeJS application. While doing peer review of the NodeJS application, he observed that there are insecure libraries in the application. Therefore, he approached, Teresa Lisbon, who is working as a DevSecOps engineer, to detect the insecure libraries in the NodeJS application. Teresa used a SCA tool to find known vulnerabilities in JavaScript libraries for Node.JS applications and detected all the insecure libraries in the application. Which of the following tools did Teresa use for detecting insecure libraries in the NodeJS application?)
(Victor Garber is a DevSecOps team leader in SanSec Pvt. Ltd. His organization develops various types of software products and web applications. Currently, his team is working on security of Java-based web application product. How can Victor identify vulnerabilities that are missed in pre-production testing activities?.)
(Timothy Dalton has been working as a senior DevSecOps engineer in an IT company located in Auburn, New York. He would like to use Jenkins for CI and Azure Pipelines for CD to deploy a Java-based app to an Azure Container Service (AKS) Kubernetes cluster. Before deploying Azure Kubernetes Service (AKS) Cluster, Timothy wants to create a Resource group named Jenkins in southindia location. Which of the following commands should Timothy run?.)
(Kevin Williamson is working as a DevSecOps engineer in an IT company located in Los Angles, California. His team has integrated Jira with Jenkins to view every issue on Jira, including the status of the latest build or successful deployment of the work to an environment. Which of the following can Kevin use to search issues on Jira?)
