IaC Security Best Practices Quiz

Questions and Answers

What should teams approach when experimenting?

• Scientifically (correct)
• Creatively
• Logically
• Intuitively

True or false: DevOps is a mindset shift from working in silos to a culture of collaboration.

True (A)

What should be done to minimize security risks and avoid cyber attacks and breaches when using IaC?

• Automate security scanning
• Perform security scans on code (correct)
• Harden developers' access
• Simplify the code

What is the main purpose of Apache Hadoop?

To store and analyze large amounts of data (A)

What is the goal of value stream mapping?

To make the work visible and to improve the process. (A)

What is the first step in transitioning to DevOps?

Changing the organization's culture (C)

What is a threat to IaC security that should be prevented?

Environmental/cloud drift (C)

What is the primary benefit of Apache Spark compared to Hadoop?

It is optimized for in-memory processing (C)

True or false: Value stream mapping is a process used to understand the current system flow.

True (A)

What is the main goal of experiments?

To test new ideas (D)

True or false: The goal of the feedback loop is to increase the speed of the system.

False (B)

How should successes be shared?

Only if they are proven (D)

What is the purpose of the blameless postmortem?

To learn from failure and improve the work. (C)

How does Intel BigDL help with Apache Spark?

It efficiently scales out to perform data analytics (C)

What should be done to reduce the likelihood of security issues or violations in IaC code?

Simplify the code (D)

What kind of mindset shift is required for DevOps?

From siloed environments to collaboration. (A)

What is an example of an IaC security best practice?

Performing security scans on code (B)

True or false: Shortening feedback loops is one of the three underlying principles of DevOps.

True (A)

What is the best way to learn about what we like and dislike?

Try new foods (C)

What is the name of the computational model used by Apache Hadoop?

MapReduce (B)

What are the three principles underpinning DevOps?

Increasing the flow, blameless postmortems, and learning from failure (C)

What is the output of the MapReduce Word Count Example?

A count of the words in the input (C)

True or false: Organizations must first change their culture to successfully transition to DevOps.

True (A)

What is the most important aspect of a high trust culture?

Lifelong learning (C)

What should be done to identify and correct misconfigurations in IaC code?

Perform security scans on code (C)

What is the best way to measure success when experimenting?

By the results (D)

What is the goal of DevOps?

To improve the process and increase feedback. (C)

What is the size of the input file for Hadoop?

About one terabyte (A)

True or false: Experimentation and learning from failure are important aspects of DevOps.

True (A)

What is a challenging task when it comes to IaC security?

Ensuring security (D)

What is the key cultural aspect of the feedback loop?

Establishing blameless postmortems. (B)

True or false: Blameless postmortems should be used to identify individuals responsible for an issue.

False (B)

What should teams be given to try out new ideas?

Time (B)

Study Notes

• IaC security is a complex and challenging task
• Adhering to IaC security best practices minimizes security risks and avoids cyber attacks and breaches
• Security scans should be performed on IaC code to identify and correct misconfigurations
• Automating IaC security scanning helps identify and correct vulnerabilities
• Environmental/cloud drift is a threat to IaC security and should be prevented
• Code tampering is a threat to IaC security and should be avoided by hardening developers' access
• Avoid complexity in IaC code to reduce the likelihood of security issues or violations.

Description

Test your knowledge of Infrastructure as Code (IaC) security with this quiz. Learn about best practices for minimizing security risks, performing security scans, automating security scanning, preventing environmental/cloud drift, avoiding code tampering, and reducing complexity in IaC code.