Question 81: What is the most common buffer overflow attack?
A. Heap-based buffer overflow attack
B. Stack-based buffer overflow attack
C. Integer buffer overflow attack
D. Unicode buffer overflow attack
Correct Answer: B. Stack-based buffer overflow attack
Explanation: Stack-based buffer overflow attacks are the most common type of buffer overflow attack. They exploit an app’s memory space, which stores user input, also known as a stack.
Question 82: APM involves:
A. Managing and monitoring the performance and UX of an app and its supporting resources
B. A system that oversees an application’s functionality from the planning stages through sunsetting
C. The measurement of software performance in terms of business value
D. A and C
Correct Answer: D. A and C
Explanation: APM is the process through which an IT organization detects and addresses app performance concerns. APM software, typically in a dashboard format, delivers performance metrics that make it easy to track key performance indicators, called KPIs. Option B is a description of application lifecycle management.
Question 83: An APM system should reveal what performance information?
A. Conversion rate, uptime, ROI
B. Runtime, error rates, CPU usage, application availability, response time
C. Load tests, stress tests, spike tests, soak tests
D. B or C
Correct Answer: B. Runtime, error rates, CPU usage, application availability, response time
Explanation: Option B lists APM metrics that reflect software performance. An IT organization’s APM setup should gauge those KPIs. Option A lists information about an app’s business performance, but these are not metrics that an app monitoring tool would track. Option C lists four different types of performance tests. Organizations can use APM tools to monitor the application during these different kinds of performance tests.
Question 84: Select the term that best matches the description: This term refers to the evaluation of event data that the organization captures from the software, network or component in the IT ecosystem. Analysis of this event data reveals patterns in areas like user behavior, compliance and security, as well as performance problems.
A. Flow mapping
B. Real-user monitoring
C. Log monitoring
D. Root cause analysis
Correct Answer: C. Log monitoring
Explanation: The above definition refers to log monitoring, which forms the basis of log analytics. Each event in an application’s operation, such as a login attempt or driver update, generates a log. Flow maps are a common element of APM dashboards. Flow maps diagram the movement of information and processes in an application. Real-user monitoring refers to watching and recording how users interact with software. And root cause analysis is a method to examine when, why and how a problem happened. This process is not specific to event data, though event data and log analytics often play a role in root cause analysis.
Question 85: Which statement is true for DevOps organizations?
A. Application monitoring is not just an operations responsibility, but the development team’s too.
B. Enterprises must maintain a replica of all web applications in staging environments at all times.
C. Development and operations must adopt different APM metrics and not track each other’s metrics.
D. The enterprise must maintain separate dashboards for development and operations teams.
Correct Answer: A. Application monitoring is not just an operations responsibility, but the development team’s too.
Explanation: When an IT organization adopts DevOps, development and operations teams share responsibilities, including application monitoring. Developers help optimize app performance in production, and troubleshoot and resolve problems. Options C and D run counter to DevOps principles, as they isolate development and operations teams from each other. And while staging environments are useful for many testing and release tasks, no one said you have to keep all apps running there all the time.
Question 86: Which answer completes this sentence? ________ conveys how an application performs, overall, in the eyes of real customers.
A. A staging environment
B. End-user experience monitoring
C. Integration testing
D. Response time analysis
Correct Answer: B. End-user experience monitoring
Explanation: A staging environment is a copy of the production environment that exists for testing purposes. Integration testing is only one test level higher than unit testing; the test doesn’t even assess the application as a whole. Response time analysis tells app teams how quickly the app works, but does not provide an overall picture of performance. IT organizations perform end user experience monitoring to get a complete sense of a customer’s experience with an application, including every transaction, bug, design deficiency and quirk users themselves encounter.
Question 87: When can an IT organization adopt APM?
A. In Agile environments
B. For JavaScript applications
C. For web applications
D. For all software applications and development environments
Correct Answer: D. For all software applications and development environments
Explanation: APM is relevant to any kind of software or development environment. One can monitor and manage the performance of any application. Therefore, all apps and dev environments, including JavaScript and web applications, and Agile environments, can have an APM setup.
Question 88: Pick the answer that lists three functional dimensions of application performance monitoring:
A. Volume, variety and velocity
B. Front-end monitoring, application discovery, tracing and diagnostics (ADTD), and analytics
C. Software design, security and compliance, and user productivity
D. User experience, software requirements and error rates
Correct Answer: B. Front-end monitoring, application discovery, tracing and diagnostics (ADTD), and analytics
Explanation: In its 2020 report, “Magic Quadrant for Application Performance Monitoring,” Gartner states that application performance monitoring must promote front-end monitoring, ADTD and analytics. Front-end monitoring includes synthetic monitoring and real-user monitoring capabilities for mobile and web applications. ADTD essentially maps how various software elements intersect and relate to each other. Analytics refers to root cause and logs analysis.
Question 89: Developers typically use APM tools to track UX metrics like _______, _______and _______.
A. Error rate, user satisfaction, usability
B. Net Promoter Score, task success rate, network throughput
C. User retention, usability, release velocity
D. Pupil dilation, heart rate, runtime
Correct Answer: A. Error rate, user satisfaction, usability
Explanation: Network throughput of data, application release velocity and runtime aren’t UX metrics, although these areas can contribute indirectly to the application user’s experience. Option D lists types of physiological data, which are UX metrics, but developers don’t often monitor them through APM tools.
Error rate compares the total number of users who attempt a task to the number of users who make a mistake trying to perform the task. The Net Promoter Score measures user satisfaction, another UX metric. Usability is characterized by task success rate, time spent on a task and other measurements.
Question 90: CASBs play a key role in which of the following security functions?
A. Login security
B. Shadow IT control
C. Threat protection
D. All of the above
Correct Answer: D. All of the above
Explanation: CASBs provide secure access to cloud resources, regardless of where the resources are located. Security measures offered by CASBs include login security, shadow IT control, threat protection, data security and more.