šŸ·ļø LIMITED TIME OFFER: GET 20% OFF GRADE+ YEARLY SUBSCRIPTION ā†’
Log in
Computer Science
1
answer
1
watching
262
views

A security engineer thinks the development team has been hard-coding sensitive environment variables in its code.

Which of the following would BEST secure the company's CI/CD pipeline?

 

Options:

A Utilizing a trusted secrets manager
B Performing DAST on a weekly basis
C Introducing the use of container orchestration
D Deploying instance tagging

Watch
1
answer
1
watching
262
views

For unlimited access to Homework Help, a Homework+ subscription is required.

Avatar image
Liked by aminul2005 and 1 others

Unlock all answers

Get 1 free homework help answer.
Already have an account? Log in
Share

Related questions

During a remodel, a company's computer equipment was moved to a secure storage room with cameras positioned on both sides of the door. The door is locked using a card reader issued by the security team, and only the security team and department managers have access to the room. The company wants to be able to identify any unauthorized individuals who enter the storage room by following an authorized employee.

Which of the following processes would BEST satisfy this requirement?

Options: A Monitor camera footage corresponding to a valid access request.
B Require both security and management to open the door.
C Require department managers to review denied-access requests.
D Issue new entry badges on a weekly basis.

A company plans to build an entirely remote workforce that utilizes a cloud-based infrastructure. The Chief Information Security Officer asks the security engineer to design connectivity to meet the following requirements:

Only users with corporate-owned devices can directly access servers hosted by the cloud provider.

The company can control what SaaS applications each individual user can access.

User browser activity can be monitored.

Which of the following solutions would BEST meet these requirements?

Options: A IAM gateway, MDM, and reverse proxy
B VPN, CASB, and secure web gateway
C SSL tunnel, DLP, and host-based firewall
D API gateway, UEM, and forward proxy

A company publishes several APIs for customers and is required to use keys to segregate customer data sets.

Which of the following would be BEST to use to store customer keys?

Options:

A A trusted platform module
B A hardware security module
C A localized key store
D A public key infrastructure

Weekly leaderboard

Home
Homework Help 3,900,000
Computer Science 2,000
Start filling in the gaps now
Log in