ERC QUIZ

The aim of this quiz is to evaluate possible areas of study. It includes questions about svcs involved under ERC support: snapshot, parser, cloud connector, epo extension, activity feed and reputation plus some regarding TC pipline regular usage.

published on July 01, 2020
1/75

how does the reactive broker of clcon supports prototyped events?

2/75

how are heart beats displayed in multi ePO environments (single fabric) vs multi fabric for the same account? please draw an example of both scenarios doing focus on the attribute responsible for discriminating the hierarchy (the draw and details must be a comparison) -send draws by e-mail if attachments aren't allowed

3/75

how can sample modules be loaded dynamically in AF when they are not defined under setup.py?

4/75

why is the exponential backoff logic needed for?

5/75

if there is a problem during the onboard of a particular tenant what's the 1st class to take a look at & what's the name of the controller API used for retrying?

6/75

what are the names of the two main modules responsible for managing threads and connections in ePO extension?

7/75

What's the difference between a svc class and a delegate in clcon? please explain DS registration case?

8/75

where are scripts supported versions set?

9/75

what's the name of the technology responsible for storing temporal data in clcon?

10/75

please name the CI for building AF being used and provide the links where the details of test executions, static code analysis and coverage are being shown in the console?

11/75

how can temporal data be shared among several clcon instances in the cloud?

12/75

if signed script artifact doesn’t appear in TC pipeline, what's the most probable reason for that?

13/75

what’s the maximum size allowed for performing uploads

14/75

why is polling being used when retrieving data from clcon or the consumer svcs instead of web sockets?

15/75

please name the technology being used for providing code coverage o AF and inform the link to our project

16/75

which are the 2 main technologies being used by clcon for managing thread executions? where are they setup?

17/75

why are strategies used for in clcon? please explain the difference between data and client tasks?

18/75

how do we protect CB access key token in ePO data base?

19/75

what does it mean that the rep svc reached its quota and what is the inpact on health check? please explain it technically in terms of technologies involved

20/75

why is DXLFabric utility used for in ePO extension? Also, please provide a draw with an example and how is that being reflected in the cloud

21/75

what do type A and B parsers mean? what's the difference?

22/75

how does AF support 2.9 python version?

23/75

why are index locks defined in clcon models?

24/75

what are the 2 main differences between rep svc health compared to other services like clcon & parser?

25/75

what's more important today? a summary or kvertice?

26/75

where are gvy scripts being verified inside ePO extension?

27/75

if parser ends without sending kvertice but sending the summary? what does it mean?

28/75

in order to avoid infinite recursions into large trees when discovering, what does ePO extension do?

29/75

how can we check file hash reputation in PROD (without accessing the AWS VM instance of rep svc)? please point API if available

30/75

what is the techology used for storing the prod url of the external rep svc?

31/75

why are redirectors being used in clcon? please explain 2 existent flavors

32/75

what's the name convention for consumer groups associated to ePO extensions?

33/75

how does the reactive broker of clcon supports singleton events?

34/75

why is restleBean used for inside ePO extension?

35/75

what's enrichment and where is the concept applied in parsers?

36/75

what's the upload manifest? please explain its usage

37/75

what's the difference between FS and kafka senders?

38/75

what's the main purpose of the idevice model in clcon?

39/75

how can clcon APIs be utilized in PROD for doing queries without using EDS?

40/75

what's a key-value pair parser type used for?

41/75

if an epo is deleted, how is that being reflected in dxl fabric?

42/75

what's the recommended action when rep svc reaches its quota?

43/75

what's the name of the design pattern that clconr and dxl consumer svcs expose for interacting with their clients when performing data retrieval (polling)?

44/75

why do update locks exist in clcon? please explain the DS registration case?

45/75

why are webhooks being utilized by clcon? please explain use case

46/75

pelase name the physical topics subscribed by default when loading AF?

47/75

how is the HB model being set in clcon for supporting the display of the hierarchy of a fabric that could be extensive? what's the persistence key that allows the mentioned situation?

48/75

what's the standard date format being used in clcon for handling entities and what's the name of the technology resposible for managing all java script notation objects?

49/75

name at least 3 design patterns that are common to any micro service in EDR? (must be cloud patterns)

50/75

why is AOP being used in clon & snapshot svcs? please provide an example of usage inside current code, what's the purpose of it?

51/75

in most cases the parser works with data in memory for best performance but what about scenarios where the data is to large? please name the two parsers being used for this kind of scenarios & what does the implementation strategy do for this case

52/75

what’s the main reason for using kafka in parsers besides the fact that the entire enterprise uses it for communication purposes between svcs in the VPC? how is that technology being used in terms of improving performance? Also, what’s the key attribute for that in ms?

53/75

what is the precise technology used by AF for retrieving data from EDR cloud and processing it?

54/75

why does a databus consumer pool exist in clcon and why individual consumers expire? also please indicate the name of the thread technology being involved for planning them accordingly

55/75

if threat events aren't retrieved from EDR cloud during AF process execution? what are the 2 most probable reasons? (please state clearly the difference of display between the 2 which is the key for understanding the problem)

56/75

what subscription technology is being used by AF for performing queries of the data obtained from EDR Cloud?

57/75

what are raw artifacts and how can they be treated in a generic manner in which we don't need to make a new deploy for supporting new data in the future?

58/75

what's the name of the main module of the rep svc where the core logic resides?

59/75

why is kubernetes secret used for in clcon?

60/75

which is the preferred technology for coding third party integrations using AF and why?

61/75

what's the name of the technology being used in parsers for handling threads? what's the store strategy implemented?

62/75

what are the two main modules used in parsers for driving the life cycle of the workflow?

63/75

what is the name of the technology being used by clcon & snapshot svcs for handling health status?

64/75

where are the security verifications for uploading files being performed in the snapshot svc?

65/75

what is the name of the main fature that avoids DoS attacks in snapshot and where is that configured?

66/75

what happen when temporal data expires in clcon?

67/75

why do we use grok technology in parsers? also, please name the upload artifact that uses it?

68/75

why do update locks exist in clcon? please explain the TPS update case?

69/75

if DS is registered in cloud but EDS logs show not found for a tenant base registration? is that fine? what does that mean?

70/75

what's the technology being used inside parsers for breaking down java script notation objects?

71/75

what's IoC and what are the possible scopes being utilized in most of our java projects? what's the reason of using it?

72/75

why are consumer groups (CGs) being used?

73/75

why do we use locks within ePO extension and what kind of them do we use?

74/75

where is the dispatcher pattern being used in ePO extension and why?

75/75

what versions of python are being supported by AF?