Application Deployment and Security

Question 1

Describe Deployment Environment

Answer 1

The development environment is where you do your coding, and in most cases it bears only a passing resemblance to the final environment — typically just enough for you to deal with fundamental aspects of your infrastructure, such as containers or cloud networking. You’ll likely use an IDE or other tool to make deployment easier.

Question 2

Describe testing environment

Answer 2

An environment for testing the code with mock resources

Question 3

Describe Staging environment

Answer 3

The stage where it should resemble the production environment

Question 4

Describe Production environment

Answer 4

where end users interact with it. At this point it’s been tested multiple times, and should be error free. The production environment itself must be sized and constructed to handle expected traffic, including surges that might come seasonally or with a particular event.

Question 5

Describe the Bare metal deployment model

Answer 5

Installing software directly onto the target computer

Question 6

Describe the Virtual Machine Deployment model

Answer 6

Virtual computers within your computer where the host is the physical computer

Question 7

Describe what a hypervisor is

Answer 7

software that creates and manages VMS

Question 8

Describe container based infrastructure

Answer 8

a standard unit of software that packages up code and all its dependencies so the application runs quickly and reliably from one computing environment to another

Question 9

Describe Serverless Computing deployment model

Answer 9

a cloud computing execution model in which the cloud provider allocates machine resources on demand, taking care of the servers on behalf of their customers

Question 10

Describe On-premise infrastructure

Answer 10

any system thats literally within the confines of your building

Question 11

Describe Private cloud

Answer 11

a system that provides self-service provisioning for compute resources, networking, and storage.

Question 12

What does the cloud provide

Answer 12

self-service access to computing resources, such as virtual machines, containers, and even bare metal, which means that users can log into a dashboard or use the command line to spin up new resources themselves, rather than waiting for IT to resolve a ticket

Question 13

What is the cloud referred to as

Answer 13

IaaS

Question 14

Describe a Public Cloud

Answer 14

Cloud Infrastructure that is managed by a public cloud provider

Question 15

Describe hybrid cloud

Answer 15

is the combination of two different types of clouds. Typically, hybrid cloud is used to bridge private cloud and public cloud within a single application.

Question 16

What are some advantages of hybrid cloud

Answer 16

You can use the private aspect for security and the public for more resources

Question 17

Describe edge cloud

Answer 17

the computational processing of sensor data away from the centralized nodes and close to the logical edge of the network, toward individual sources of data.

Question 18

What is Docker

Answer 18

a format that wraps a number of different technologies to create what we know today as containers.

Question 19

What is a namespace in Docker

Answer 19

isolate different parts of the running container. For example, the process itself is isolated in the pid (process ID) namespace, the filesystem is isolated in the mnt (mount) namespace, and networking is isolated in the net namespace.

Question 20

What is a control group in Docker

Answer 20

cgroups, are a standard linux concept that enables the system to limit the resources, such as RAM or storage, used by an application.

Question 21

What is a Union File System in Docker

Answer 21

UnionFS, are file systems that are built layer by layer, combining resources.

Question 22

What are the steps for creating a container

Answer 22

Either create a new image using docker build or pull a copy of an existing image from a registry using docker pull. (Depending on the circumstances, this step is optional. See step 3.)
Run a container based on the image using docker run or docker container create.
The Docker daemon checks to see if it has a local copy of the image. If it does not, it pulls the image from the registry.
The Docker daemon creates a container based on the image and, if docker run was used, logs into it and executes the requested command.

Question 23

In order to create a container-based deployment what do you need

Answer 23

Dockerfile

Question 24

What is a Docker file

Answer 24

a text document that contains all the commands a user could call on the command line to assemble an image

Question 25

Describe Continous integration

Answer 25

continually merge your changes with the main branch of the existing application so that any given change set is small and the potential for problems is low

Question 26

Describe Continuous Delivery

Answer 26

the process of performing development in sprints that are short enough that the code is always in a deployable state.

Question 27

Describe rolling upgrade

Answer 27

changes are periodically rolled out in such a way that they don't impact current users; nobody should have to "reinstall" the software.

Question 28

Describe Canary pipeline

Answer 28

the new version is rolled out to a subset of users (or servers, depending on the architecture). If these users experience problems, the changes can be easily rolled back. If these users don't experience problems, the changes are rolled out to the rest of production.

Question 29

Describe Blue-green deployment

Answer 29

an entirely new environment is created with the new code on it, but the old environment is held in reserve. If users on the new environment experience problems, traffic can be diverted back to the original environment. If there are no problems within a specific amount of time, the new environment becomes the production environment and the old one is retired to be used for the next change.

Question 30

Describe a Load balancer

Answer 30

it takes requests and “balances” them by spreading them out among multiple servers. For example, if you have 10 servers hosting your web application, requests will come first to the load balancer, which will then parcel them out among those 10 hosts.

Question 31

Describe Persistent sessions

Answer 31

a process in which a load balancer creates an affinity between a client and a specific network server for the duration of a session,

Question 32

Describe Round robin Load balancing

Answer 32

the server simply sends each request to the “next” server on the list.

Question 33

Describe Least connection Load balancing

Answer 33

Sends requests to the server that is the least busy

Question 34

Describe IP hash

Answer 34

The load balancer makes a decision based on a hash

Question 35

Describe the Blue-green deployment

Answer 35

Sends traffic to the blue environment if it is busy sends it to the green evironment

Question 36

Describe canary deployment

Answer 36

starts by diverting a small fraction of your traffic to the blue environment. A load balancer can then increase the amount of traffic diverted to the blue environment until either issues are detected and traffic goes back to the old environment or all servers and users are on the new environment, and the old one is retired or used for the next push.

Question 37

What is a Reverse Proxy

Answer 37

make sure responses look like they all come from the same server

Question 38

What is data at rest

Answer 38

data being stored

Question 39

what is data in flight or in motion

Answer 39

data being transferred from one server to another

Question 40

Describe Two-way encryption

Answer 40

encrypt the data using a key, and then you can use that key (or a variation on it) to decrypt the data to get it back in “clear text.” You would use this for information you would need to access in its original form, such as medical records or social security numbers.

Question 41

Describe One way encryption

Answer 41

an encrypted value without necessarily using a specific key, but you can’t unencrypt it. You would use that for information you don’t need to retrieve, just need to compare, such as passwords. For example, let’s say you have a user, bob, who has a password of munich. You could store the data as:

Question 42

What is TLS (Transport Layer Security)

Answer 42

provides message authentication and stronger ciphers than its predecessor. Whenever possible you should be using TLS.

Question 43

What is SQL injection

Answer 43

used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution

Question 44

What does SQL injection allow someone to do

Answer 44

allow attackers to spoof identity, tamper with existing data, cause repudiation issues such as voiding transactions or changing balances, allow the complete disclosure of all data on the system, destroy the data or make it otherwise unavailable, and become administrators of the database server.

Question 45

What are SQLmap and SQLninja an example of

Answer 45

Detection engines