ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-400 All Questions

View all questions & answers for the AZ-400 exam
Go to Exam

Exam AZ-400 topic 4 question 43 discussion

Actual exam question from Microsoft's AZ-400
Question #: 43
Topic #: 4
[All AZ-400 Questions]

HOTSPOT -
You have an Azure DevOps project that contains a build pipeline. The build pipeline uses approximately 50 open source libraries.
You need to ensure that the project can be scanned for known security vulnerabilities in the open source libraries.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Show Suggested Answer Hide Answer
Suggested Answer:
Box 1: A Build task -

Trigger a build -
You have a Java code provisioned by the Azure DevOps demo generator. You will use WhiteSource Bolt extension to check the vulnerable components present in this code.
1. Go to Builds section under Pipelines tab, select the build definition WhiteSourceBolt and click on Queue to trigger a build.
2. To view the build in progress status, click on ellipsis and select View build results.

Box 2: WhiteSource Bolt -
WhiteSource is the leader in continuous open source software security and compliance management. WhiteSource integrates into your build process, irrespective of your programming languages, build tools, or development environments. It works automatically, continuously, and silently in the background, checking the security, licensing, and quality of your open source components against WhiteSource constantly-updated definitive database of open source repositories.
Reference:
https://www.azuredevopslabs.com/labs/vstsextend/whitesource/
by PM2 at Aug. 27, 2020, 9:25 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
PM2
Highly Voted 4 years, 2 months ago
Correct verified
upvoted 36 times
Miles19
3 years, 6 months ago
Yes sure
upvoted 5 times
...
...
PDR
Highly Voted 1 year, 4 months ago
correct , although just to add a note that Whitesource Bolt is now Mend Bolt , in case a similar question arises in exam with new name
upvoted 12 times
...
xda
Most Recent 9 months ago
January2024: Had the question, but with "Mend Bolt" as answer instead of WhiteSource. WihteSource was not avaiable to choose.
upvoted 4 times
...
WH16
1 year, 1 month ago
On exam 2023-09-06, selected 1. Build task 2. WhiteSource Bolt Answer is correct.
upvoted 7 times
...
zellck
1 year, 5 months ago
1. Build task 2. WhiteSource Bolt https://marketplace.visualstudio.com/items?itemName=whitesource.whitesource WhiteSource integrates with your CI servers, build tools and repositories to detect all open source components in your software, without ever scanning your code. It provides you with real-time alerts on vulnerable or problematic components, generates comprehensive up-to-date reports in one-click and enables you to streamline your entire open source management process with automated policies.
upvoted 3 times
...
syu31svc
2 years, 2 months ago
Given answer is correct
upvoted 2 times
...
tjeerd
2 years, 3 months ago
On exam 20220727. Answer is correct.
upvoted 1 times
...
Govcomm
2 years, 3 months ago
Build pipeline WhiteSource Bolt
upvoted 1 times
...
Eltooth
2 years, 5 months ago
A build task WhiteSource Bolt
upvoted 3 times
...
UnknowMan
2 years, 5 months ago
Correct
upvoted 1 times
...
rdemontis
2 years, 7 months ago
correct
upvoted 1 times
...
lugospod
2 years, 9 months ago
Got this January 2022. Correct. (100% on that part)
upvoted 4 times
...
jojom19980
3 years, 4 months ago
Correct answer
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago