DOL DOL Security and Compliance

Question 1

What is the primary goal of integrating security into the DevOps pipeline (DevSecOps)?

Accepted Answer

Shifting security left to detect vulnerabilities earlier in the development lifecycle

Answer

Slowing releases to allow thorough security audits

Answer

Delegating all security responsibilities to a dedicated team

Answer

Performing security checks only before production deployment

Question 2

Which practice best describes 'security as code' in a DevOps environment?

Accepted Answer

Storing security policies and configurations in version-controlled code repositories

Answer

Hiring more security engineers

Answer

Conducting annual penetration tests

Answer

Isolating security tools from the CI/CD pipeline

Question 3

A DevOps Leader wants to ensure compliance checks do not slow deployments. Which approach is most effective?

Accepted Answer

Automate compliance validation as a gate in the CI/CD pipeline

Answer

Perform manual compliance reviews after each sprint

Answer

Skip compliance checks for internal-only services

Answer

Assign compliance review to the project manager

Question 4

What does 'threat modeling' help a DevOps team accomplish?

Accepted Answer

Identifying potential security threats and mitigations early in the design phase

Answer

Forecasting cloud infrastructure costs

Answer

Measuring deployment frequency

Answer

Tracking post-release defect rates

Question 5

Which tool category is commonly used in DevSecOps pipelines to scan container images for known vulnerabilities?

Accepted Answer

Container image vulnerability scanners

Answer

Static application security testing (SAST)

Answer

Log aggregation platforms

Answer

Load balancers

Question 6

How should a DevOps Leader handle a situation where a security gate is blocking a critical hotfix deployment?

Accepted Answer

Use a documented, approved exception process with compensating controls and post-deployment remediation

Answer

Always override the gate to maintain deployment speed

Answer

Disable security gates permanently for hotfix branches

Answer

Escalate to the security team and wait indefinitely