Practice - 5 Tasks
Answer the questions below
1fill in blank
easyComplete the code to run a basic security scan using tfsec.
Terraform
tfsec [1] Drag options to blanks, or click blank then click option'
Attempts:
3 left
💡 Hint
Common Mistakes
Using --init instead of specifying the directory
Using --apply which is not a tfsec option
Using --plan which is a Terraform command, not tfsec
✗ Incorrect
tfsec scans the current directory by default when you specify ..
2fill in blank
mediumComplete the code to run checkov on a Terraform directory.
Terraform
checkov -d [1] Drag options to blanks, or click blank then click option'
Attempts:
3 left
💡 Hint
Common Mistakes
Using unrelated directories that don't contain Terraform files
Confusing checkov flags with Terraform commands
✗ Incorrect
The -d flag tells checkov which directory to scan. . means current directory.
3fill in blank
hardFix the error in the command to run tfsec with JSON output.
Terraform
tfsec --format [1] Drag options to blanks, or click blank then click option'
Attempts:
3 left
💡 Hint
Common Mistakes
Using unsupported formats like xml or yaml
Using txt which is not a valid format flag
✗ Incorrect
tfsec supports JSON output format using --format json.
4fill in blank
hardFill both blanks to run checkov on a Terraform directory with output to a file.
Terraform
checkov -d [1] --output-file-path [2]
Drag options to blanks, or click blank then click option'
Attempts:
3 left
💡 Hint
Common Mistakes
Putting skip-check flags in place of directory or output file
Using invalid file names or paths
✗ Incorrect
The -d flag specifies the directory, and --output-file-path specifies the output file.
5fill in blank
hardFill all three blanks to run tfsec on a specific directory, output JSON, and exclude a rule.
Terraform
tfsec [1] --format [2] --exclude [3]
Drag options to blanks, or click blank then click option'
Attempts:
3 left
💡 Hint
Common Mistakes
Using a file instead of directory for first blank
Using unsupported formats
Using invalid or unrelated exclude values
✗ Incorrect
Specify the directory, output format, and rule to exclude correctly.