Module 3 - Application Security In Cloud - Part 2 Exam
5 views 0 purchase
Course
Module 3 - Application Security In Cloud - Part 2
Institution
Module 3 - Application Security In Cloud - Part 2
Module 3 - Application Security In Cloud - Part 2 Exam
- ANSWER-TRUE
* A security tool must not impact the performance of an application.
* Vulnerabilities must be prioritized based on their criticality and real attack data must be provided from production environments by the CISO's office.
* T...
Module 3 - Application
Security In Cloud - Part
2 Exam
- ✔✔✔ANSWER-TRUE
* A security tool must not impact the performance of an application.
* Vulnerabilities must be prioritized based on their criticality and real attack data
must be provided from production environments by the CISO's office.
* The CIO's office should make infrastructure changes transparent to applications.
_______ and ________ of cloud computing impact all the phases of SSDLC, no
matter which SSDLC is being used - ✔✔✔ANSWER-Abstraction and automation
,________ and _______ authentication method Connect-based repository handle
authentication for API including cloud functions for existing customers, business
partners or supplies, and internal employees and users . - ✔✔✔ANSWER-SAML
and Open ID
__________ are the most vulnerable areas of a microservice architecture -
✔✔✔ANSWER-APIs
___________ is used to track CI/CD pipelines - ✔✔✔ANSWER-
___________ is used to track CI/CD pipelines properly configured, every
configuration, code, and infrastructure change - ✔✔✔ANSWER-Logs
The logging feature of CI/CD pipelines allows security teams to easily check and
identify changes and the users who are responsible for them
___________ is used to track CI/CD pipelines properly configured, every
configuration, code, and infrastructure change - ✔✔✔ANSWER-Logs
The logging feature of CI/CD pipelines allows security teams to easily check and
identify changes and the users who are responsible for them
___________ is used to track CI/CD pipelines properly configured, every
configuration, code, and infrastructure change - ✔✔✔ANSWER-Logs
The logging feature of CI/CD pipelines allows security teams to easily check and
identify changes and the users who are responsible for them
,____________ includes people, processes, and systems. It helps administrators
manage access to enterprise cloud applications by verifying the identity of an
entity and then granting the correct level of access based on the protected
applications. - ✔✔✔ANSWER-IAM
IAM is used to grant or deny rights to cloud applications and authenticate users,
services, or devices.
IAM can be used within an organization or outside of it in a business-to-business
relationship or even between a cloud provider and an organization
____________ includes people, processes, and systems. It helps administrators
manage access to enterprise cloud applications by verifying the identity of an
entity and then granting the correct level of access based on the protected
applications. - ✔✔✔ANSWER-IAM
IAM is used to grant or deny rights to cloud applications and authenticate users,
services, or devices.
IAM can be used within an organization or outside of it in a business-to-business
relationship or even between a cloud provider and an organization
____________ includes people, processes, and systems. It helps administrators
manage access to enterprise cloud applications by verifying the identity of an
entity and then granting the correct level of access based on the protected
applications. - ✔✔✔ANSWER-IAM
, IAM is used to grant or deny rights to cloud applications and authenticate users,
services, or devices.
IAM can be used within an organization or outside of it in a business-to-business
relationship or even between a cloud provider and an organization
____________ involves the integration of security testing into the app
development process to build more secure, harder, and more resilient applications -
✔✔✔ANSWER-Rugged DevOps
____________ involves the integration of security testing into the app
development process to build more secure, harder, and more resilient applications -
✔✔✔ANSWER-Rugged DevOps
____________ The most frequent outside attacks are ransomware attacks -
✔✔✔ANSWER-
_______________ enables the development team to prevent the identified threats
through secure design, secure coding, secure configuration, secure integration, and
security testing practices - ✔✔✔ANSWER-threat modeling
Threat modeling provides the application development team a view on conditions,
actions, or behaviors that affect cloud applications and lead to security incidents.
Cloud application development should address the identified threats during threat
modeling.
________________ are teams within the CISO/CIO organizations with the goal of
addressing enterprise security and minimize risk holistically.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller NURSING2EXAM. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $17.99. You're not tied to anything after your purchase.
