ECCouncil 312-97 Actual Free Exam Questions & Community Discussion

(Kevin Williamson is working as a DevSecOps engineer in an IT company located in Los Angles, California.
His team has integrated Jira with Jenkins to view every issue on Jira, including the status of the latest build or successful deployment of the work to an environment. Which of the following can Kevin use to search issues on Jira?)

(William Scott has been working as a senior DevSecOps engineer at GlobalSec Pvt. Ltd. His organization develops software products related to mobile apps. William would like to exploit Jenkins using Metasploit framework; therefore, he downloaded Metasploit. He would like to initiate an Nmap scan by specifying the target IP to find the version of Jenkins running on the machine. Which of the following commands should William use to find the version of Jenkins running on his machine using Nmap?.)

(Richard Branson has been working as a DevSecOps engineer in an IT company since the past 7 years. He has launched an application in a container one month ago. Recently, he modified the container and would like to commit the changes to a new image. Which of the following commands should Branson use to save the current state of the container as a new image?.)

(GainInsights is an IT company that develops mobile applications software. On February 11, 2022, the organization became a victim of a cyber-attack. The attacker targeted the organization's application and compromised some important functionality. After the incident, the DevSecOps team of GainInsights identified the cause of the security issue, resolved it, and noted it for future reference. Based on this information, which of the following set of tests was conducted by GainInsights?.)

(Allen Smith has been working as a senior DevSecOps engineer for the past 4 years in an IT company that develops software products and applications for retail companies. To detect common security issues in the source code, he would like to integrate Bandit SAST tool with Jenkins. Allen installed Bandit and created a Jenkins job. In the Source Code Management section, he provided repository URL, credentials, and the branch that he wants to analyze. As Bandit is installed on Jenkins' server, he selected Execute shell for the Build step and configure Bandit script. After successfully integrating Bandit SAST tool with Jenkins, in which of the following can Allen detect security issues?.)

(Sandra Oliver joined SinClare Soft Pvt. Ltd. as a DevSecOps engineer in January of 2010. Her organization develops software and web applications related to the healthcare industry. Using IAST runtime security testing technology, she is detecting and diagnosing security issues in applications and APIs. The IAST solution used by Sandra encompasses a web scanner with an agent that works inside the server that hosts the application to provide additional analysis details such as the location of the vulnerability in the application code. Based on the given information, which of the following IAST solutions is Sandra using?)