Certified DevSecOps Engineer (ECDE)

Here you have the best ECCouncil 312-97 practice exam questions

You have 100 total questions to study from
Each page has 5 questions, making a total of 20 pages
You can navigate through the pages using the buttons at the bottom
This questions were last updated on December 29, 2025
This site is not affiliated with or endorsed by ECCouncil.

Question 1 of 100

Andrew Gerrard has recently joined an IT company located in Fairmont, California, as a DevSecOps engineer. Due to robust security and cost-effective service provided by AWS, his organization has migrated all the workloads from on-prem to AWS cloud in January of 2020. Andrew’s team leader has asked him to integrate AWS Secret Manager with Jenkins. To do so, Andrew installed the “AWS Secret Manager Credentials provider” plugin in Jenkins and configured an IAM policy in AWS that allows Jenkins to take secrets from AWS Secret manager. Which of the following file should Andrew edit to add access id and secret key parameters along with the region copied from AWS?

/etc/filebeat/filebeat.yml

/etc/sysconfig/Jenkins

/etc/file/Jenkins

/etc/sysconfig file/Jenkins

Correct Answer: B

Question 2 of 100

Gabriel Bateman has been working as a DevSecOps engineer in an IT company that develops virtual classroom software for online teaching. He would like to clone the BDD security framework on his local machine using the following URL, https://github.com/continuumsecurity/bdd-security.git. Which of the following command should Gabriel use to clone the BBD security framework?

git clone https://github.com/continuumsecurity/bdd-security.git

git clone https://github.com/continumsecurity/bdd-security.git

github clone https://github.com/continumsecurity/bdd-security.git

github clone https://github.com/continuumsecurity/bdd-security.git

Correct Answer: A

Question 3 of 100

William Edwards is working as a DevSecOps engineer at SVR Software Solution Pvt. Ltd. His organization develops software products and applications related to digital marketing. William integrated Prisma Cloud with Jenkins to detect threat-intelligence based threat detection. This integration will allow him to scan container images and serverless functions for security issues in the CI/CD pipeline. Which of the following is employed by Prisma Cloud to understand the normal network behavior of each customer’s cloud environment to detect network anomalies and zero-day attacks effectively with minimal false positives?

Advanced unsupervised machine learning

Advanced supervised data mining

Advanced supervised machine learning

Advanced unsupervised data mining

Correct Answer: A

Question 4 of 100

Terry Crews has been working as a DevSecOps engineer at an IT company that develops software products and web applications related to IoT devices. She integrated Sqreen RASP tool with Slack for sending notifications related to security issues to her team. How can Sqreen send notification alerts to Slack?

By creating a cookbook, defining a trigger, Alert a response, and notification

By creating a playbook, defining a trigger, security response, and notification

By creating a cookbook, defining a trigger, security response, and notification

By creating a playbook, defining a trigger, Alert a response, and notification

Correct Answer: C

Question 5 of 100

Richard Branson has been working as a DevSecOps engineer in an IT company that develops apps for Android mobiles. To manage the secret information of an application in various phases of development lifecycle and to provide fine-grained access to each secret, he would like to integrate HashiCorp Vault with Jenkins. To access the vault from Jenkins, Richard installed hashicorp-vault-plugin and ran a vault instance; he then selected the AppRole authentication method, which allows apps to access vault with a predefined role. Which of the following commands should Richard use to enable AppRole authentication?

enable auth vault approle

vault auth enable approle

enable vault auth approle

auth vault enable approle

Correct Answer: B