    Security Automation Flashcards

    Test your understanding of the Security Automation module. Click a card to flip it between question and answer. Use the arrows, keyboard (← →), or swipe on mobile to move through the deck.

    Question

    What does SOAR stand for?

    Answer

    Security Orchestration, Automation, and Response.

    Question

    What are the five core capabilities of a SOAR platform?

    Answer

    Threat Intelligence ingestion, Incident Management, Orchestration (tool APIs), Automation (playbooks), Case Management (collaboration).

    Question

    What is a SOAR playbook?

    Answer

    An automated workflow defining trigger conditions, decision steps, and response actions — executed automatically or manually approved.

    Question

    By what percentage can SOAR reduce SOC alert volume?

    Answer

    Up to 60% — automated triage handles routine alerts without analyst involvement.

    Question

    What is shift-left security?

    Answer

    Integrating security testing earlier in the development lifecycle — finding vulnerabilities before they reach production.

    Question

    What are the six stages of a DevSecOps pipeline?

    Answer

    Commit → SAST → SCA → Build → Container Scan → Deploy → DAST → Compliance Check.

    Question

    What is an SBOM?

    Answer

    Software Bill of Materials — a machine-readable inventory of all components and dependencies in a software application.

    Question

    What does SAST stand for?

    Answer

    Static Application Security Testing — scanning source code for vulnerabilities without executing it.

    Question

    What does DAST stand for?

    Answer

    Dynamic Application Security Testing — scanning running applications for vulnerabilities.

    Question

    What is the key weakness of SAST?

    Answer

    False positives — SAST can flag code paths that are not actually exploitable in the runtime context.

    Question

    What is the key weakness of DAST?

    Answer

    Limited coverage — DAST can only find issues in code paths that are actually executed during scanning.

    Question

    What does SCA stand for?

    Answer

    Software Composition Analysis — scanning open source dependencies for known vulnerabilities.

    Question

    What is a Semgrep rule?

    Answer

    A pattern-based static analysis rule that matches code patterns to find security vulnerabilities.

    Question

    What does OPA stand for?

    Answer

    Open Policy Agent — an open-source policy engine for cloud-native environments.

    Question

    What language does OPA use for writing policies?

    Answer

    Rego — a declarative policy language designed for cloud-native environments.

    Question

    What is Checkov?

    Answer

    An IaC security scanner that checks Terraform, CloudFormation, and Kubernetes configurations for misconfigurations.

    Question

    What is GitGuardian used for?

    Answer

    Secret scanning — detecting API keys, passwords, tokens, and other credentials committed to code repositories.

    Question

    What does trufflehog scan for?

    Answer

    Secrets in git repositories, including historical commits and branches.

    Question

    What is a security gate in CI/CD?

    Answer

    A decision point in the pipeline that blocks or allows deployment based on security scan results.

    Question

    What severity levels should block a CI/CD pipeline?

    Answer

    Critical and High findings should block; Medium and Low should warn.

    Question

    What is OWASP ZAP?

    Answer

    Zed Attack Proxy — an open-source DAST tool for finding vulnerabilities in web applications.

    Question

    What is Snyk?

    Answer

    A developer security platform for SCA, SAST, and container scanning — integrates into CI/CD pipelines.

    Question

    What is Dependabot?

    Answer

    A GitHub-native dependency update tool that automatically creates PRs when vulnerable dependencies are detected.

    Question

    What is Gitleaks?

    Answer

    An open-source secret scanning tool for git repositories.

    Question

    What is the SolarWinds supply chain attack?

    Answer

    Attackers compromised the SolarWinds Orion build pipeline and injected a backdoor into software updates, affecting 18,000+ customers.

    Question

    What is the purpose of a SAST false positive?

    Answer

    A flagged vulnerability that is not actually exploitable — SAST tools sacrifice precision for coverage.

    Question

    What command runs a Semgrep scan with community rules?

    Answer

    semgrep --config=auto src/ — runs auto-detected community rules against the src/ directory.

    Question

    What command generates an SBOM using CycloneDX?

    Answer

    cyclonedx-bom -o bom.xml — generates a standardised SBOM in CycloneDX format.

    Question

    What does the OPA deny keyword represent?

    Answer

    A policy violation — any rule named deny that evaluates to true generates a denial message.

    Question

    What is branch protection in GitHub?

    Answer

    A repository setting that enforces rules before merging — required reviews, status checks, signed commits.

    Tip

    Review any cards you got wrong by navigating to the corresponding module page for a deeper explanation.