- What security assessment may apply to a new or major application release?
- Full assessment
- Assessment based on the patch scope
- Assessment based on the third party and the integration interfaces
- The security testing scope is limited to ensure no major security issues
- Which of the following is not one of the self-assessment activities that should be done by the product development team?
- Review the OWASP ASVS checklist
- Security awareness training program
- Execute defined automated security tools, such as ZAP, NMAP, and SQLmap
- Fix major security issues
- Which of the following is not the security testing approach for checking hidden communication interfaces?
- Listening to 0.0.0.0 is forbidden
- Searching for hidden hard-coded secrets, ...
Questions
Get Hands-On Security in DevOps now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.