Neste post irei ajudar aqueles que pretendem fazer o Room Introduction to DevSecOps do TryHackMe. Eu vou colocar as respostas no texto. Encorajo fortemente a você tentar resolver os exercícios e só em caso de ficar muito preso em algo, conferir a resposta. Vamos as Taks.
Task 2 - DevOps: A New Hope
As respostas para essa task estão no texto.
What methodology relies on self-organising teams that focus on constructive collaboration?
R: agile
What methodology relies on automation and integration to drive cultural change and unite teams?
R: devops
What traditional approach to project management led to mistrust and poor communication between development teams?
R:waterfall
What does DevOps emphasize?
R:building trust
Task 3 - The Infinite Loop
Análogo a task 2, as respostas estão no texto.
What helps in adding tests in an automated manner and deals with the frequent merging of small code changes?
R: CI/CD
What process focuses on collecting data to analyse the performance and stability of services?
R: Monitoring
What is a way to provision infrastructure through reusable and consistent pieces of code?
R: IaC
Task 4 - Shifting Left
Respostas podem ser encontradas no texto.
What term is it used to describe accounting for security from the earliest stages in a development lifecycle?
R: Shift Left
What is the development approach where security is introduced from the early stages of a development lifecycle until the final stages?
R: DevSecOps
Task 5 - DevSecOps: Security Strikes Back
What DevSecOps challenge can lead to a siloed culture?
R: Security Silos
What DevSecOps challenge can affect not prioritizing the right risks at the right times?
R: Lack of Visibility
What DevSecOps challenge stems from needlessly overcomplicated security processes?
R: Stringent Processes
Task 6 - DevSecOps Culture
How can you make security scalable so it’s not left behind when start ups face hypergrowth or in large corporations?
R: Promote Autonomy of Teams
How can you support teams in understanding risk and educating on security flaws?
R: Visibility and Transparency
What are key factors to successfully instill security in the development process by accounting for flexibility?
R: Understanding and Empathy
Task 7 - Exercise: Fuel Trouble
Só ler as tirinhas e completar que a flag é dada ao final.
What Software Development Model did the team in Comic 1 follow?
R: Waterfall
What Software Development Model did the team in Comic 2 follow?
R: Agile
What Software Development Model did the team in Comic 3 follow?
R: DevOps
What is the flag?
R: THM{ONE_TWO_THREE}