CAS-004 Application Environment, Configuration and Security • Complete Question Bank
Complete CAS-004 Application Environment, Configuration and Security question bank — all 0 questions with answers and detailed explanations.
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag a concept onto its matching description — or click a concept then click the description.
Trust relationships between identity providers
Controls and monitors admin accounts
Restricts access based on physical location
Obfuscates sensitive data in non-production environments
Replaces sensitive data with non-sensitive placeholders
Drag a concept onto its matching description — or click a concept then click the description.
Uses tickets and symmetric key cryptography
XML-based federated identity protocol
Authorization framework for delegated access
AAA protocol for network access
Directory access protocol for authentication
Refer to the exhibit.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:ListBucket",
"Resource": "arn:aws:s3:::example-bucket"
},
{
"Effect": "Deny",
"Action": "s3:*",
"Resource": "arn:aws:s3:::secret-bucket"
}
]
}Refer to the exhibit.
<Directory /var/www/html>
Options -Indexes
AllowOverride None
Order allow,deny
Allow from all
</Directory>import os
api_key = os.environ['API_KEY']
db_connection = os.getenv('DB_CONNECTION', 'sqlite:///default.db')
if not api_key:
print("Warning: API key not set")# nginx.conf
server {
listen 443 ssl;
ssl_certificate /etc/ssl/certs/server.crt;
ssl_certificate_key /etc/ssl/private/server.key;
location /admin {
proxy_pass http://internal-admin:8080;
allow 192.168.1.0/24;
deny all;
}
location /api {
proxy_pass http://internal-api:8080;
}
}{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::example-bucket/*",
"Condition": {
"IpAddress": {
"aws:SourceIp": "192.0.2.0/24"
}
}
},
{
"Effect": "Allow",
"Principal": "*",
"Action": "s3:PutObject",
"Resource": "arn:aws:s3:::example-bucket/*"
}
]
}