ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-100 All Questions

View all questions & answers for the SC-100 exam
Go to Exam

Exam SC-100 topic 4 question 36 discussion

Actual exam question from Microsoft's SC-100
Question #: 36
Topic #: 4
[All SC-100 Questions]

HOTSPOT
-

You plan to automate the development and deployment of a Node.js-based app by using GitHub.

You need to recommend a DevSecOps solution for the app. The solution must meet the following requirements:

• Automate the generation of pull requests that remediate identified vulnerabilities.
• Automate vulnerability code scanning for public and private repositories.
• Minimize administrative effort.
• Minimize costs.

What should you recommend using? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer:
by hcmonteiro at Oct. 15, 2023, 10:44 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
smanzana
Highly Voted 1 year ago
1- Github enterprise cloud 2- Dependabot
upvoted 13 times
...
RickySmith
Highly Voted 9 months, 3 weeks ago
GitHub Enterprise Cloud https://github.com/pricing Dependabot https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates
upvoted 6 times
...
Murtuza
Most Recent 10 months, 1 week ago
Dependabot security updates are automated pull requests that help you update dependencies with known vulnerabilities.
upvoted 3 times
...
Murtuza
10 months, 1 week ago
Code scanning is a feature that you use to analyze the code in a GitHub repository to find security vulnerabilities and coding errors. Any problems identified by the analysis are shown in GitHub Enterprise Cloud.
upvoted 5 times
...
hcmonteiro
1 year ago
Dependabot is another tool that automates the process of keeping project dependencies up to date. It helps developers by monitoring the dependencies used in their projects and notifying them when new versions or security updates are available. So in a way could be dependabot
upvoted 4 times
...
hcmonteiro
1 year ago
2. Codespaces https://docs.github.com/en/codespaces/developing-in-codespaces/using-github-codespaces-for-pull-requests
upvoted 3 times
kvdvliert
1 year ago
Using Codespaces costs money. So this is not the answer.
upvoted 3 times
...
...
hcmonteiro
1 year ago
1. GitHub Enterprise Cloud https://docs.github.com/en/enterprise-cloud@latest/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning https://docs.github.com/en/enterprise-cloud@latest/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago