1.What is commonly the next generation of organizational patch management for many companies?
B.A bastion host
D.Software assurance program
2.Which of these are common tools used to create or increase security awareness?
E.Confirming resume references
3.What solution does AWS use in partnership with other security vendors to mitigate zero-day attacks on the cloud?
4.When applying the Secure SDLC, which phase will most likely perform enhancement and ongoing maintenance?
A.Phase 4- construct
C.Phase 5 test
D.Phase 6-product release
5.Which of these statements is true when comparing SAST to DAST?
A.DAST can better discover runtime and environment-related issues
B.SAST is more expensive to fix vulnerabilities
C.SAST is considered black box testing
D.DAST requires source code
6.Which are commonly passed from the service provider to the identity provider in a federated solution?
7.Which of the following techniques will best give you the option to store and process your data on any public or private cloud instance?
A.Plan and design for elasticity
B.Design apps as a set of services
C.Decouple the data when possible
D.Build security controls into the lifecycle