CCNA DEVASC M4 – Application Deployment and Security

1. 1. Which characteristic matches an SaaS deployment
model?
2. Which is a good deployment model for real-time
IoT sensors?
3. In which of the following ways are containers
different from virtual machines? (Choose two.)
4. Which deployment method is best for processes
that are run periodically?
5. What is the second way of DevOps?
6. What is continuous integration?
7. A Docker images uses what type of file system?
8. What command do you use to launch an nginx
container on port 80 of the host file system?
9. A vulnerability is a _______ in protection efforts.
It can be exploited by threats to gain unauthorized
access to an asset.
10. Which of the following are threats? (Choose two.)
11. What type of test is used to identify the possible
weak spots in applications, servers, or networks?
12. Which of the following is a tool that can be used for
network discovery and security auditing?
13. What is the minimum number of identity
components MFA uses to authenticate a user’s
identity?
14. Which of the following is used for fingerprinting of
data to detect whether the data has been modified?
15. Data needs to be secured in multiple locations.
Which of the following are the correct locations?
16. Which modes best describe IDSs and IPSs,
respectively?
17. Which deployment model uses host operating system features to provide an isolated environment for multiple tenants to run applications on the same server?
18. Which application deployment option refers to an on-demand environment for developing and testing software applications?
19. Which three options describe parts of a DevOps life cycle? (Choose three.)
20. Which CI/CD pipeline tool provides a code repository?
21. Consider a system that uses a single server to which users can connect through their browser and open sessions for an unspecified amount of time. In which layer of the testing pyramid should the maximum number of opened connections on that server be tested?
22. What are fixtures in unit testing?
23. With which instruction must each Dockerfile start?
24. Which command creates a new Docker container?
25. A same-origin policy relies on which parts or components of a request to be the same?
26. What is the difference between a network firewall and a WAF?
27. What is the importance of having a test development environment for the DevNet changes you want to apply to your production network?
28. Which statements represent the two main disadvantages of virtual machines?
29. As compared to Virtual machines, bare-metal servers do offer rollback features. (True/False)
30. It refers to an emulation of a computer system running on a shared host.
31. Which features below describes Docker?  (Choose all that apply)
32. Which of these options are public cloud providers?
33. Which of these options as used for application deployments ?
34. On this type of application  deployment model, resources our owned by an organization or a service provider, or both  and is dedicated to one organization only.
35. ______________  is a distributed network architecture that moves your compute, storage, communication, control, and decision making closer to the network edge or where the data is being produced to mitigate the limitations in the current infrastructure.
36. ______________  is a change in culture and process that emphasizes increased collaboration between teams such as software, developers, IT operations, and other services
37. It refers to a DevOps principle where the DevOps process needs to be treated as a whole process, rather than just a couple of smaller tasks.
38. It refers to a DevOps principle that merges the development (testing) and deployment into a single improved and simpler process.
39. It refers to a DevOps principle that breaks the working process of DevOps into smaller bits. This allows tests to be included in the early stages of DevOps and helps with faster error checks.
40. It is an open source automation server with many plug-ins for the CI/CD pipeline.

It is written in a programming language called Apache Groovy
41. Which tools are being used in Continuous Development in DevOps? (Choose 2)
42. Which tools are used in Continuous Testing in Devops? (Choose 2)
43. Which tool is used in Continuous Integration in Devops?
44. Which tools are used in Continuous Deployment in Devops? (Choose all that apply)
45. Which tools are used in Continuous Monitoring in Devops? (Choose all that apply)
46. _____  occurs when an attacker executes malicious scripts in the web browser of a victim
47. Which of these options  are types of SQL Injection attacks?
48. ________  attack occurs when an attacker forces a victim to issue undesirable actions on the victim-authenticated web application. The attack is not executed to collect any data but to target state-changing requests (such as money transfer), because the attacker cannot see the return of the forged request
49. _______________  vulnerabilities allow the attacker to send a forged request from a web server on the behalf of the attacker. In this type of attack, the targets usually are internal systems behind some firewalls.
50. _______________  attacks occur when the injected malicious code is reflected with any response from the web server that consists of the input sent to the web server. The attack is distributed to the victim in a different way, usually in an email message. Once the victim clicks the link, the malicious code navigates to the web page. This action reflects the attack back to the victim web browser, which then executes the malicious script, because the script came from an already trusted web server.