ERC QUIZ

The aim of this quiz is to evaluate possible areas of study. It includes questions about svcs involved under ERC support: snapshot, parser, cloud connector, epo extension, activity feed and reputation plus some regarding TC pipline regular usage.

published on July 01, 2020
1/75

please name the CI for building AF being used and provide the links where the details of test executions, static code analysis and coverage are being shown in the console?

2/75

why does a databus consumer pool exist in clcon and why individual consumers expire? also please indicate the name of the thread technology being involved for planning them accordingly

3/75

pelase name the physical topics subscribed by default when loading AF?

4/75

why is the exponential backoff logic needed for?

5/75

if parser ends without sending kvertice but sending the summary? what does it mean?

6/75

if threat events aren't retrieved from EDR cloud during AF process execution? what are the 2 most probable reasons? (please state clearly the difference of display between the 2 which is the key for understanding the problem)

7/75

what's the name convention for consumer groups associated to ePO extensions?

8/75

how are heart beats displayed in multi ePO environments (single fabric) vs multi fabric for the same account? please draw an example of both scenarios doing focus on the attribute responsible for discriminating the hierarchy (the draw and details must be a comparison) -send draws by e-mail if attachments aren't allowed

9/75

in order to avoid infinite recursions into large trees when discovering, what does ePO extension do?

10/75

if signed script artifact doesn’t appear in TC pipeline, what's the most probable reason for that?

11/75

how do we protect CB access key token in ePO data base?

12/75

where is the dispatcher pattern being used in ePO extension and why?

13/75

why do update locks exist in clcon? please explain the DS registration case?

14/75

what's enrichment and where is the concept applied in parsers?

15/75

if DS is registered in cloud but EDS logs show not found for a tenant base registration? is that fine? what does that mean?

16/75

how does AF support 2.9 python version?

17/75

how does the reactive broker of clcon supports singleton events?

18/75

what are the 2 main differences between rep svc health compared to other services like clcon & parser?

19/75

which are the 2 main technologies being used by clcon for managing thread executions? where are they setup?

20/75

what are raw artifacts and how can they be treated in a generic manner in which we don't need to make a new deploy for supporting new data in the future?

21/75

what do type A and B parsers mean? what's the difference?

22/75

why are strategies used for in clcon? please explain the difference between data and client tasks?

23/75

how is the HB model being set in clcon for supporting the display of the hierarchy of a fabric that could be extensive? what's the persistence key that allows the mentioned situation?

24/75

where are the security verifications for uploading files being performed in the snapshot svc?

25/75

what's the standard date format being used in clcon for handling entities and what's the name of the technology resposible for managing all java script notation objects?

26/75

how can temporal data be shared among several clcon instances in the cloud?

27/75

what is the techology used for storing the prod url of the external rep svc?

28/75

why is AOP being used in clon & snapshot svcs? please provide an example of usage inside current code, what's the purpose of it?

29/75

why are index locks defined in clcon models?

30/75

which is the preferred technology for coding third party integrations using AF and why?

31/75

what versions of python are being supported by AF?

32/75

what’s the main reason for using kafka in parsers besides the fact that the entire enterprise uses it for communication purposes between svcs in the VPC? how is that technology being used in terms of improving performance? Also, what’s the key attribute for that in ms?

33/75

what is the name of the main fature that avoids DoS attacks in snapshot and where is that configured?

34/75

name at least 3 design patterns that are common to any micro service in EDR? (must be cloud patterns)

35/75

why is kubernetes secret used for in clcon?

36/75

why are redirectors being used in clcon? please explain 2 existent flavors

37/75

how can we check file hash reputation in PROD (without accessing the AWS VM instance of rep svc)? please point API if available

38/75

what is the name of the technology being used by clcon & snapshot svcs for handling health status?

39/75

what are the two main modules used in parsers for driving the life cycle of the workflow?

40/75

what's the difference between FS and kafka senders?

41/75

what subscription technology is being used by AF for performing queries of the data obtained from EDR Cloud?

42/75

if an epo is deleted, how is that being reflected in dxl fabric?

43/75

what's a key-value pair parser type used for?

44/75

what happen when temporal data expires in clcon?

45/75

why is polling being used when retrieving data from clcon or the consumer svcs instead of web sockets?

46/75

what’s the maximum size allowed for performing uploads

47/75

what's the name of the technology responsible for storing temporal data in clcon?

48/75

what's the name of the technology being used in parsers for handling threads? what's the store strategy implemented?

49/75

what's more important today? a summary or kvertice?

50/75

what is the precise technology used by AF for retrieving data from EDR cloud and processing it?

51/75

how does the reactive broker of clcon supports prototyped events?

52/75

please name the technology being used for providing code coverage o AF and inform the link to our project

53/75

What's the difference between a svc class and a delegate in clcon? please explain DS registration case?

54/75

why do we use locks within ePO extension and what kind of them do we use?

55/75

why do update locks exist in clcon? please explain the TPS update case?

56/75

what's IoC and what are the possible scopes being utilized in most of our java projects? what's the reason of using it?

57/75

what's the upload manifest? please explain its usage

58/75

where are scripts supported versions set?

59/75

what does it mean that the rep svc reached its quota and what is the inpact on health check? please explain it technically in terms of technologies involved

60/75

what's the name of the main module of the rep svc where the core logic resides?

61/75

how can sample modules be loaded dynamically in AF when they are not defined under setup.py?

62/75

why are webhooks being utilized by clcon? please explain use case

63/75

where are gvy scripts being verified inside ePO extension?

64/75

why are consumer groups (CGs) being used?

65/75

how can clcon APIs be utilized in PROD for doing queries without using EDS?

66/75

what are the names of the two main modules responsible for managing threads and connections in ePO extension?

67/75

what's the technology being used inside parsers for breaking down java script notation objects?

68/75

in most cases the parser works with data in memory for best performance but what about scenarios where the data is to large? please name the two parsers being used for this kind of scenarios & what does the implementation strategy do for this case

69/75

if there is a problem during the onboard of a particular tenant what's the 1st class to take a look at & what's the name of the controller API used for retrying?

70/75

why is restleBean used for inside ePO extension?

71/75

why is DXLFabric utility used for in ePO extension? Also, please provide a draw with an example and how is that being reflected in the cloud

72/75

what's the main purpose of the idevice model in clcon?

73/75

what's the name of the design pattern that clconr and dxl consumer svcs expose for interacting with their clients when performing data retrieval (polling)?

74/75

what's the recommended action when rep svc reaches its quota?

75/75

why do we use grok technology in parsers? also, please name the upload artifact that uses it?