(Rachel McAdams has been working as a senior DevSecOps engineer in an IT company for the past 5 years. Her organization embraced AWS cloud service due to robust security and cost-effective features offered by it. To take proactive decisions related to the security issues and to minimize the overall security risk, Rachel integrated ThreatModeler with AWS. ThreatModeler utilizes various services in AWS to produce a robust threat model. How can Rachel automatically generate the threat model of her organization's current AWS environment in ThreatModeler?.)
(Amy Ryan is a DevSecOps engineer in an IT company that develops software products and web applications related to cyber security. She is using Anchore tool for container vulnerability scanning and Software Bill of Materials (SBOM) generation. It helped her to perform quick scanning and generating a list of known vulnerabilities from an SBOM, container image, or project directory. Which of the following commands should Amy run to include software from all the image layers in the SBOM?.)
(James Harden has been working as a senior DevSecOps engineer in an IT company located in Oakland, Californi
a. To detect vulnerabilities and to evaluate attack vectors compromising web applications, he would like to integrate Burp Suite with Jenkins. He downloaded the Burp Suite Jenkins plugins and then uploaded the plugin and successfully integrated Burp Suite with Jenkins. After integration, he would like to scan web application using Burp Suite; therefore, he navigated to Jenkins' dashboard, opened an existing project, and clicked on Configure. Then, he navigated to the Build tab and selected Execute shell from Add build step. Which of the following commands should James enter under the Execute shell?.)
(Joyce Vincent has been working as a senior DevSecOps engineer at MazeSoft Solution Pvt. Ltd. She would like to integrate Trend Micro Cloud One RASP tool with Microsoft Azure to secure container-based application by inspecting the traffic, detecting vulnerabilities, and preventing threats. In Microsoft Azure PowerShell, Joyce created the Azure container instance in a resource group (ACI) (named ''aci-test-closh'') and loaded the container image to it. She then reviewed the deployment of the container instance. Which of the following commands should Joyce use to get the logging information from the container?.)
(Rockmond Dunbar is a senior DevSecOps engineer in a software development company. His organization develops customized software for retail industries. Rockmond would like to avoid setting mount propagation mode to share until it is required because when a volume is mounted in shared mode, it does not limit other containers to mount and modify that volume. If mounted volume is sensitive to changes, then it would be a serious security concern. Which of the following commands should Rockmond run to list out the propagation mode for mounted volumes?.)