Here is a list of questions for you to test your knowledge regarding this chapter's material. You will find the answers in the Assessments section of the Appendix:

1. True or False: Securing the delivery of software is just a single step in a deployment pipeline.
2. Which tool can be used for security testing, where a proxy is used to identify valid application URLs and then perform different attacks, such as injections on an application?
3. True or False: In most modern applications, over 50% of the code base comes from open source libraries.
4. What are the secure locations for storing the secrets needed during deployment or for running an application? (You can choose more than one answer.)
   1. Azure Pipelines variables that are marked as secret
   2. Azure Key Vault
   3. Azure DevOps Key Vault
   4. Azure Variable Groups
   5. Azure DevOps Secure Variables
   6. Azure DevOps Service Connection
5. Which two Azure offerings can be used to detect security risks at runtime?