Is this exam completely free?

Examcademy offers a free preview for every exam, covering around 20% of the total questions. Full access is available with a paid upgrade.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! Examcademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our mock exams are built and reviewed with the help of AI and community contributions, staying aligned with real-world exam objectives.

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!

350-901Free trial

By cisco

Verified

25Q per page

Question 51

What is a data privacy concern when designing data storage?

A: Data must be kept for as long as necessary.
B: Storage must be designed to enable data maximization.
C: Data must be retained in secure data storage after use.
D: Storage must be designed to enforce encryption in transit.

—

Question 52

A web application is being developed to provide online sales to a retailer. The customers will need to use their username and passwords to login into their profile and complete their order. For this reason, the application must store user passwords.
Which approach ensures that an attacker will need to crack the passwords one at a time?

A: Store the passwords by using asymmetric encryption.
B: Apply the salting technique.
C: Store the passwords by using symmetric encryption.
D: Apply the peppering technique.

—

Question 53

DRAG DROP -
An engineer is developing a web-based application that will be used as a central repository for the HR department. The application needs to authenticate user access and encrypt communication. Drag and drop the steps from the left into the order on the right to install an application-specific SSL certificate.
Select and Place:

—

Question 54

FILL BLANK -
A local Docker image has an image ID of 385001111. Fill in the blanks to complete the command in order to tag the image into the "cisco" repository with
"version1.0"

—

Question 55

Refer to the exhibit. What is the missing step in deploying a Docker container to IOx?

A: Build the package.yaml file.
B: Pull/push the image to the Docker registry.
C: Build the package.cert file to sign the app.
D: Log in to Device Manager.

—

Question 56

Refer to the exhibit. The command docker build --tag=friendlyhello . is run to build a docker image from the given Dockerfile, reguirements.txt, and app.py. Then the command docker run -p 4000:80 friendlyhello is executed to run the application.
Which URL is entered in the web browser to see the content served by the application?

A: http://127.0.0.1:80
B: http://4000:80
C: http://localhost:4000
D: http://localhost:80

—

Question 57

Which two statements about a stateless application are true? (Choose two.)

A: Different requests can be processed by different servers.
B: Requests are based only on information relayed with each request.
C: Information about earlier requests must be kept and must be accessible.
D: The same server must be used to process all requests that are linked to the same state.
E: No state information can be shared across servers.

—

Question 58

A local Docker container with a Container ID of 391441516e7a is running a Python application.
Which command is used to connect to a bash shell in the running container?
A.

—

Question 59

The access token for a Webex bot has been stored in an environment variable using the command: export bot_token=6bec40cf957de397561557a4fac9ea0
The developer now wants to containerize the Python application which will interact with the bot, and will use this build command to add the token to the build image: docker build --build-arg BOT_TOKEN=$bot_token
Which Dockerfile should be used to build the Docker image so that the bot access token is available as an environment variable?
A.

—

Question 60

What is an effective logging strategy according to the 12-factor app tenets?

A: Tag and save logs in a local document database that has querying capabilities.
B: Back up log files in a high-availability remote cluster on the public cloud.
C: Timestamp and save logs in a local time-series database that has querying capabilities.
D: Capture logs by the execution environment and route to a centralized destination.

—

Question 61

Refer to the exhibit. Pipenv is used to manage dependencies. The test runs successfully on a local environment.
What is the reason for the error when running the test on a CI/CD pipeline?

A: All the unit tests in testsum.py failed.
B: Pytest did not detect any functions that start with 'test_'.
C: The pipfile in the local environment was not pushed to the remote repository.
D: Nose2 was not used as the test runner.

—

Question 62

What are two benefits of using a centralized logging service? (Choose two.)

A: reduces the time required to query log data across multiple hosts
B: reduces the loss of logs after a single disk failure
C: improves application performance by reducing CPU usage
D: improves application performance by reducing memory usage
E: provides compression and layout of log data

—

Question 63

A team of developers created their own CA and started signing certificates for all of their IoT devices.
Which action will make the browser accept these certificates?

A: Install a TLS instead of SSL certificate on the IoT devices.
B: Set the private keys 1024-bit RSA.
C: Preload the developer CA on the trusted CA list of the browser.
D: Enable HTTPS or port 443 on the browser.

—

Question 64

DRAG DROP -
An engineer must access multiple bots that are running in an internal infrastructure. A different HTTPS URL is required for each bot. The infrastructure has just one public IP address and a Linux server with Apache installed. Drag and drop the actions from the left into the order of steps on the right to enable access to the bots inside. Not all options are used.
Select and Place:

—

Question 65

What are two benefits of using distributed log collectors? (Choose two.)

A: supports multiple transport protocols such as TCP/UDP
B: improves performance and reduces resource consumption
C: provides flexibility due to a wide range of plugins and accepted log formats
D: enables extension of logs with fields and export to backend systems
E: buffers and resends data when the network is unavailable

—

Question 66

Refer to the exhibit. A company has extended networking from the data center to the cloud through Transit VPC.
Which two statements describe the benefits of this approach? (Choose two.)

A: Dynamic routing combined with multi-AZ deployment creates a robust network infrastructure.
B: VPC virtual gateways provide highly available connections to virtual networks.
C: Dedicated VPC simplifies load balancing by combining internal and external web services.
D: VPC virtual gateways provide more secure connections to virtual networks.
E: Dedicated VPC simplifies routing by not combining this service with other shared services.

—

Question 67

A developer has just completed the configuration of an API that connects sensitive internal systems. Based on company policies, the security of the data is a high priority.
Which approach must be taken to secure API keys and passwords?

A: Embed them directly in the code.
B: Store them in a hidden file.
C: Store them inside the source tree of the application.
D: Change them periodically.

—

Question 68

Which statement about microservices architecture is true?

A: Applications are written in a single unit.
B: It is a complex application composed of multiple independent parts.
C: It is often a challenge to scale individual parts.
D: A single faulty service can bring the whole application down.

—

Question 69

Which two principles are included in the codebase tenet of the 12-factor app methodology? (Choose two.)

A: An application is always tracked in a version control system.
B: There are multiple codebases per application.
C: The codebase is the same across all deploys.
D: There can be a many-to-one correlation between codebase and application.
E: It is only possible to have one application deployment per codebase.

—

Question 70

What is submitted when an SSL certificate is requested?

A: PEM
B: CRT
C: DER
D: CSR

—

Question 71

Which two actions must be taken when an observable microservice application is developed? (Choose two.)

A: Know the state of a single instance of a single service.
B: Place ג€try/exceptג€ statement in code.
C: Place log statements in the code.
D: Use distributed tracing techniques.
E: Deploy microservice to multiple datacenters.

—

Question 72

Which two countermeasures help reduce the risk of playback attacks? (Choose two.)

A: Store data in a NoSQL database.
B: Implement message authentication (HMAC).
C: Enable end-to-end encryption.
D: Remove stack traces from errors.
E: Use short-lived access tokens.

—

Question 73

Which type of file is created from issued intermediate, root, and primary certificates for SSL installation on a server?

A: DER
B: CSR
C: PEM
D: CRT

—

Question 74

DRAG DROP -

Refer to the exhibit. Drag and drop the code snippets from the left onto the item numbers on the right that match the missing sections in the curl exhibit to complete the cURL request to FirePower Device Manager API to create objects. Not all code snippets are used.
Select and Place:

—

Question 75

Which two statements describe advantages of static code analysis over unit tests? (Choose two.)

A: It checks for potential tainted data where input is not checked.
B: It enforces proper coding standards and style.
C: It performs a quick analysis of whether tests will pass or fail when run.
D: It checks for race conditions in threaded applications.
E: It estimates the performance of the code when run.

—

Page 3 of 20 • Questions 51-75 of 485

←

1 2 3 4 5

→

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!