live chatMcAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
Pass4Test 10%OFF Discount Code

ECCouncil EC-Council Certified DevSecOps Engineer (ECDE) - 312-97 Exam Questions

QUESTION NO: 1
(Peter Dinklage has been working as a senior DevSecOps engineer at SacramentSoft Solution Pvt. Ltd. He has deployed applications in docker containers. His team leader asked him to check the exposure of unnecessary ports. Which of the following commands should Peter use to check all the containers and the exposed ports?)
Correct Answer: A
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 2
(Charles Drew has been working as a DevSecOps team leader in an IT company located in Nashville, Tennessee. He would like to look at the applications from an attacker's perspective and make security a part of the organizations' culture. Imagine, you are working under Charles as a DevSecOps engineer. Charles has asked you to install ThreatPlaybook, which is a unified DevSecOps Framework that allows you to go from iterative, collaborative threat modeling to application security testing orchestration. After installation, you must configure ThreatPlaybook CLI; therefore, you have created a directory for the project and then you go to the current directory where you would like to configure ThreatPlaybook. Which of the following commands will you use to configure ThreatPlaybook? (Here, < your-email > represents your email id; < host info > represents IP address; and < port > represents the nginx port.))
Correct Answer: A
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 3
(Steven Gerrard has been working as a DevSecOps engineer at an IT company that develops software products and applications related to the healthcare industry. His organization has been using Azure DevOps services to securely and quickly develop software products. To ensure that the deployed infrastructure is in accordance with the architecture and industrial standards and the security policies are appropriately implemented, she would like to integrate InSpec with Azure. Therefore, after installation and configuration of InSpec, she created InSpec profile file and upgraded it with personal metadata and Azure resource pack information; then she wrote the InSpec tests. Which of the following commands should Steven use to run InSpec tests to check the compliance of Azure infrastructure?)
Correct Answer: B
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 4
(SinCaire is a software development company that develops web applications for various clients. To measure the successful implementation of DevSecOps, the organization enforced U.S. General Service Administrator (GSA) high-value DevSecOps metrics. Which of the following metrics implemented by SinCaire can measure the time between the code commit and production, and tracks the bug fix and new features throughout the development, testing, and production phases?)
Correct Answer: A
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 5
(GainInsights is an IT company that develops mobile applications software. On February 11, 2022, the organization became a victim of a cyber-attack. The attacker targeted the organization's application and compromised some important functionality. After the incident, the DevSecOps team of GainInsights identified the cause of the security issue, resolved it, and noted it for future reference. Based on this information, which of the following set of tests was conducted by GainInsights?.)
Correct Answer: C
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 6
(Steven Smith has been working as a DevSecOps engineer in an IT company that develops software products related to the financial sector. His team leader asked him to integrate Conjur with Jenkins to secure the secret credentials. Therefore, Steven downloaded Conjur.hpi file and uploaded it in the Upload Plugin section of Jenkins. He declared host and layers, and declared the variables. Which of the following commands should Steven use to set the value of variables?)
Correct Answer: D
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 7
(Jordon Garrett is working as a DevSecOps engineer in an IT company situated in Chicago, Illinois. His team prefers to use PowerShell for utilizing Git hooks because Bash and Windows are not compatible for advanced executions. For calling PowerShell script from Bash shell, Jordon wrote a PowerShell script using pre-commit logic such as pre-commit.ps1 and then executed the following commands
#!C:/Program\ Files/Git/usr/bin/sh.exe
exec powershell.exe -NoProfile -ExecutionPolicy Bypass -File "..git\hooks\pre-commit.ps1" How would Jordon know that the commit is successful?.)
Correct Answer: D
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 8
(William O'Neil has been working as a senior DevSecOps engineer in an IT company that develops software products related to ecommerce. At this point in time, his team is working on securing a python-based application. Using GitGraber, William would like to detect sensitive information in real-time in his organizational GitHub repository. Therefore, he downloaded GitGraber and installed the dependencies. Which of the following commands should William use to find secrets using a keyword (assume the keyword is yahoo)?.)
Correct Answer: B
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 9
(Sofia Coppola has been working as a senior DevSecOps engineer in an MNC company located in Denver, Colorado. In January of 2020, her organization migrated all the workloads from on-prem to AWS cloud environment due to the robust security feature and cost-effective services offered by AWS. Which of the following is an Amazon Web Services-hosted version control tool that Sofia can use to manage and store assets in the AWS cloud?.)
Correct Answer: C
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).