Questions
Here is a list of questions for you to test your knowledge regarding this chapter’s material. You will find the answers in the Assessments section of the Appendix:
- True or false – securing the delivery of software is just a single step in a deployment pipeline.
- Which tool can be used for security testing, where a proxy is used to identify valid application URLs and then perform different attacks, such as injections on an application?
- True or false – in most modern applications, over 50% of the code base comes from open source libraries.
- What are the secure locations for storing the secrets needed during deployment or for running an application? (You can choose more than one answer.)
- Azure Pipelines variables that are marked as secret
- Azure Key Vault
- Azure DevOps Key Vault
- Azure variable groups
- Azure DevOps secure variables
- Azure DevOps service connection
- Which two Azure offerings can be used to detect security risks at runtime?