ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-200 All Questions

View all questions & answers for the SC-200 exam
Go to Exam

Exam SC-200 topic 5 question 3 discussion

Actual exam question from Microsoft's SC-200
Question #: 3
Topic #: 5
[All SC-200 Questions]

HOTSPOT -

You have an Azure DevOps organization that uses Microsoft Defender for DevOps. The organization contains an Azure DevOps repository named Repo1 and an Azure Pipelines pipeline named Pipeline1. Pipeline1 is used to build and deploy code stored in Repo1.

You need to ensure that when Pipeline1 runs, Microsoft Defender for Cloud can perform secret scanning of the code in Repo1.

What should you install in the organization, and what should you add to the YAML file of Pipeline1? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer:
by renrenren at March 8, 2024, 6:58 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
tkimura511
Highly Voted 1 year, 5 months ago
Microsoft Security DevOps extension steps
upvoted 11 times
...
Tuitor01
Highly Voted 8 months, 3 weeks ago
Question outdated: it used to be Microsoft Security Devops Extension but not : Note Effective September 20, 2023, the secrets scanning (CredScan) tool within the Microsoft Security DevOps (MSDO) Extension for Azure DevOps has been deprecated. MSDO secrets scanning will be replaced with GitHub Advanced Security for Azure DevOps. https://learn.microsoft.com/en-us/azure/devops/repos/security/configure-github-advanced-security-features?view=azure-devops&tabs=yaml#enable-github-advanced-security
upvoted 5 times
...
g_man_rap
Most Recent 12 months ago
Install:The Microsoft Security DevOps extension: This extension is part of the Microsoft Defender for DevOps suite. It provides the ability to scan for security issues in your codebase, including secret scanning, during the CI/CD pipeline execution. This is the appropriate extension to install to meet the requirement. Add: Steps: In Azure Pipelines, steps are the basic building blocks that define what happens during the execution of the pipeline. To perform secret scanning during the pipeline execution, you'll need to add specific steps to your YAML file that invoke the security scanning provided by the Microsoft Security DevOps extension. This allows the pipeline to scan the code for secrets and other vulnerabilities as part of the build process.
upvoted 3 times
...
smanzana
1 year ago
Microsoft security DevOps extension Steps
upvoted 2 times
...
Beneath
1 year, 3 months ago
it should be Microsoft security DevOps extension and steps
upvoted 2 times
...
renrenren
1 year, 5 months ago
I think correct.Option2: steps, step8 in the link: https://learn.microsoft.com/en-us/azure/defender-for-cloud/azure-devops-extension#configure-the-microsoft-security-devops-azure-devops-extension-1
upvoted 1 times
renrenren
1 year, 4 months ago
should be DevOps extension & steps
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel