ECCouncil Related Exams
312-97 Exam
(Craig Kelly has been working as a software development team leader in an IT company over the past 8 years. His team is working on the development of an Android application product. Sandra Oliver, a DevSecOps engineer, used DAST tools and fuzz testing to perform advanced checks on the Android application product and detected critical and high severity issues. She provided the information about the security issues and the recommendations to mitigate them to Craig’s team. Which type of security checks performed by Sandra involve detection of critical and high severity issues using DAST tools and fuzz testing?)
(Evan Peters has been working as a DevSecOps engineer in an IT company located in Denver, Colorado. His organization has deployed various applications on Docker containers. Evan has been running SSH service inside the containers, and handling of SSH keys and access policies is a major security concern for him. What will be the solution for Evan security concern?)
(Amy Ryan is a DevSecOps engineer in an IT company that develops software products and web applications related to cyber security. She is using Anchore tool for container vulnerability scanning and Software Bill of Materials (SBOM) generation. It helped her to perform quick scanning and generating a list of known vulnerabilities from an SBOM, container image, or project directory. Which of the following commands should Amy run to include software from all the image layers in the SBOM?.)