Practice Free S2000-022 Exam Online Questions
What would an administrator use to create a secret associated with a non-IBM Cloud resource?
- A . Service ID
- B . App ID
- C . User ID
- D . Functional ID
Which two phases of the software development lifecycle does DevSecOps automate with the integration of security?
- A . Development
- B . Review
- C . Deployment
- D . Production
- E . Reliability
How do toolchain templates benefit DevSecOps practices? (Choose Three)
- A . Standardize processes across multiple projects
- B . Increase the need for customized tool integrations
- C . Accelerate the setup of new development environments
- D . Reduce learning curves by providing familiar tools and workflows
- E . Encourage inconsistent development practices across teams
IBM Cloud Security and Compliance Center can be used to __________.
- A . Automate resource provisioning
- B . Automate code reviews
- C . Create secure cloud identities
- D . Validate resource configurations
DevSecOps is a DevOps practice that has a goal of continuously __________.
- A . Excluding security from the development process entirely
- B . Isolating security processes from the rest of the development cycle
- C . Prioritizing speed over security in software development
- D . Incorporating security controls throughout the development cycle
Which tools are commonly used in DevSecOps for Infrastructure as Code (IaC)? (Choose two)
- A . Terraform
- B . Kubernetes
- C . Ansible
- D . Docker
A team is using Ansible for configuration management and wants to execute it automatically after infrastructure provisioning.
What tool can they use to automate both infrastructure provisioning and configuration management?
- A . Terraform
- B . Jenkins
- C . GitHub
- D . Docker
What is the distinction between logging and monitoring in a DevSecOps environment?
- A . Logging records events for future analysis, while monitoring provides real-time observation of the system’s state
- B . Monitoring is not necessary if comprehensive logging is implemented
- C . Logging is less critical than monitoring
- D . Both logging and monitoring are outdated practices
What is the primary benefit of using Infrastructure as Code (IaC) in a DevSecOps environment?
- A . It automates manual security checks
- B . It allows for the automated provisioning and management of infrastructure
- C . It eliminates the need for version control in code repositories
- D . It slows down the deployment process for review
What is the primary goal of continuous compliance in DevSecOps?
- A . To reduce the frequency of audits and compliance checks
- B . To ensure all development and operations processes meet regulatory and security standards at all times
- C . To completely automate legal and financial reporting
- D . To isolate compliance responsibilities to a separate team