Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

CloudBees Exam CCJE Topic 4 Question 61 Discussion

Actual exam question for CloudBees's CCJE exam
Question #: 61
Topic #: 4
[All CCJE Questions]

You are the administrator of a base Jenkins master with the recommended set of plugins installed. You want to protect the Jenkins master against malicious (or bad) usages of Groovy methods. You also want your users to be able to share their Pipeline code via Globa Pipeline Libraries housed on a git repository under your company's Github Organization. Which of the following statements is TRUE?

Show Suggested Answer Hide Answer
Suggested Answer: D

Contribute your Thoughts:

Garry
5 months ago
In that case, we should definitely go with option A then.
upvoted 0 times
...
Justine
5 months ago
I agree with User1, it's important to protect against malicious usages.
upvoted 0 times
...
Jeff
5 months ago
Yes, but it also allows developers to run code on the Groovy sandbox for added security.
upvoted 0 times
...
Lili
6 months ago
But wouldn't that make the libraries run as 'untrusted' code?
upvoted 0 times
...
Phillip
6 months ago
I think we should configure Global Pipeline Libraries at the Github Organization level.
upvoted 0 times
...
Johnathon
6 months ago
I think C would be the best option. Having libraries at the Pipeline level with untrusted code allows for more flexibility and safety.
upvoted 0 times
...
Shawnna
7 months ago
I'm torn between A and B. Both have their merits. We should consider how much control we want to give developers over the Jenkins master.
upvoted 0 times
...
Bobbie
7 months ago
I disagree with Erin. I believe the answer is B. Having trusted code at the folder level ensures security for all developers.
upvoted 0 times
...
Erin
7 months ago
I think the answer is A. Setting up Global Pipeline Libraries at the Github Organization level with untrusted code seems like the safest option.
upvoted 0 times
...
Pearly
8 months ago
Yeah, that makes sense. But B) says we shouldn't configure any Global Pipeline Libraries at the folder level, and that the libraries would be running as 'trusted' code, allowing all developers to execute privileged methods. That sounds like a big security risk.
upvoted 0 times
...
Ivette
8 months ago
Alright, let's dive into the options. A) seems to suggest configuring Global Pipeline Libraries at the Github Organization level, with the libraries running as 'untrusted' code. That would allow developers to run code in the Groovy sandbox, which sounds like a good security measure.
upvoted 0 times
...
Raylene
8 months ago
Haha, 'trusted' and 'untrusted' code, it's like we're dealing with superheroes and supervillains here! But in all seriousness, this is an important distinction.
upvoted 0 times
...
Darnell
8 months ago
Exactly. I think the key here is whether the libraries are running as 'trusted' or 'untrusted' code. That will determine what kind of access they have to the Jenkins master.
upvoted 0 times
...
Vivan
8 months ago
I agree. And the ability to share Pipeline code through Global Pipeline Libraries is a really useful feature, but we need to make sure it's set up securely.
upvoted 0 times
...
Carmen
8 months ago
Hmm, this question seems to be testing our understanding of Jenkins' security configurations. Protecting the Jenkins master from malicious Groovy methods is definitely a critical concern.
upvoted 0 times
Yong
7 months ago
C) You should configure Global Pipeline Libraries at the Pipeline level: The libraries are running as 'untrusted' code, allowing developers to run code on the Groovy sandbox.
upvoted 0 times
...
Silvana
7 months ago
But doesn't that leave the potential for security vulnerabilities if developers can run untrusted code?
upvoted 0 times
...
Novella
7 months ago
A) You should configure Global Pipeline Libraries at the Github Organization level: The libraries are running as 'untrusted' code, allowing developer to run code on the Groovy sandbox.
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77