DevSecOps Literacy (Beginner Level)

  • 22m
  • 22 questions
The DevSecOps Literacy (Beginner Level) benchmark assesses your general understanding of security practices included in the DevOps process. You will be evaluated on your knowledge of integrating security in DevOps development, where DevSecOps fits in the overall IT landscape, and how DevSecOps fits within the context of DevOps. A learner who scores high on this benchmark demonstrates that they have the skills necessary to apply concepts related to DevSecOps, the implementation of DevSecOps in the CI/CD pipeline, security in various phases of CI/CD, the principles of DevSecOps, and related tools and services.

Topics covered

  • describe the continuous development phase of the DevOps life cycle
  • differentiate between active and passive attacks
  • differentiate between DevOps and DevSecOps
  • identify common benefits of DevSecOps including delivery and security
  • list best practices related to DevSecOps vulnerability analysis
  • list common challenges of the adoption of DevOps and DevSecOps
  • list common DevSecOps compliance considerations
  • list common DevSecOps security recommendations, such as implementing secure coding guidelines, building security into applications, and validating input data
  • list fundamental DevSecOps requirements, including automation, collaboration, visibility, and policy
  • list key elements of DevSecOps, such as vulnerability scanning and runtime protection
  • outline DevSecOps phases like threat assessment and research
  • outline industries that can implement and benefit from DevSecOps implementations, including automotive, healthcare, and financial
  • outline key considerations when migrating from the DevOps life cycle to the DevSecOps life cycle
  • outline the basic tenants of information security: confidentiality, integrity , and availability
  • provide an overview of code analysis in DevSecOps
  • provide an overview of the continuous deployment phase of the DevOps life cycle
  • provide an overview of the continuous integration phase of the DevOps life cycle
  • provide an overview of the continuous monitoring phase of the DevOps life cycle
  • provide an overview of the DevOps life cycle
  • recognize common information security technologies including firewalls, data loss prevention, intrusion prevention, and endpoint detection and response
  • recognize different types of information security including application, cloud, and infrastructure security
  • recognize key differences between Agile and DevSecOps