ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-400 All Questions

View all questions & answers for the AZ-400 exam
Go to Exam

Exam AZ-400 topic 4 question 30 discussion

Actual exam question from Microsoft's AZ-400
Question #: 30
Topic #: 4
[All AZ-400 Questions]

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You plan to update the Azure DevOps strategy of your company.
You need to identify the following issues as they occur during the company's development process:
✑ Licensing violations
✑ Prohibited libraries
Solution: You implement automated security testing.
Does this meet the goal?

  • A. Yes
  • B. No
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by manojsb at April 25, 2021, 12:46 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
JimmyC
Highly Voted 4 years, 3 months ago
IMO this is the correct answer (it should be Yes). I've already explained in the previous answer why Continuous Integration is wrong, and that Whitesource Bolt is not necessarily part of CI. However, Whitesource Bolt *IS* an automated security testing solution (which is added to the build pipeline). This answer is more specific, and more correct, than the CI answer.
upvoted 58 times
CyberLumi
4 years, 2 months ago
I agree with you Jimmy
upvoted 3 times
...
...
AugustineUba
Most Recent 1 month ago
Selected Answer: A
Both CI and automated security testing could both be right, it is important to remember, the instruction clearly says some question could have more than one correct answer.
upvoted 1 times
...
upliftinghut
1 month, 1 week ago
Selected Answer: A
automated security testing helps with prohibited libraries
upvoted 1 times
...
Dankho
8 months, 2 weeks ago
Selected Answer: B
Automated security testing focuses on identifying security vulnerabilities (e.g., code injection risks, unpatched libraries, or misconfigurations). While it is a critical part of a secure development lifecycle, it does not directly address licensing violations or prohibited libraries, which are related to compliance and legal issues.
upvoted 1 times
...
60ties
1 year ago
Selected Answer: B
Answer is B. Licensing violation is not a code security issue. It is a legal issue. The "solution: You implement automated security testing." is for code testing & not legalities.
upvoted 2 times
...
UrbanRellik
1 year, 3 months ago
Selected Answer: A
WhiteSource, Mend Bolt supports automated security testing when integrated into a CI pipeline.
upvoted 1 times
...
Mattt
1 year, 3 months ago
Selected Answer: B
B is correct
upvoted 1 times
...
4bd3116
1 year, 3 months ago
Selected Answer: A
Automated Security Testing: Set up automated security testing in your CI/CD pipeline. Use tools like WhiteSource Bolt or Snyk to scan your codebase for vulnerabilities, security risks, and licensing issues. Configure Licensing Compliance Checks: Ensure that your automated tests also verify licensing compliance. Address any licensing violations or prohibited libraries promptly.
upvoted 2 times
...
chloaus
1 year, 4 months ago
A. Here is an example: https://www.synopsys.com/software-integrity/software-composition-analysis-tools/black-duck-sca.html
upvoted 1 times
...
AymanAkk
1 year, 11 months ago
Selected Answer: A
answer is A
upvoted 1 times
...
Ret2Me
1 year, 11 months ago
Selected Answer: B
In my opinion licensing violation is not mandatory part of the security test
upvoted 3 times
...
Sukon_Desknot
2 years ago
Selected Answer: B
The answer is B, security testing can be implemented and it still won't check the issue of prohibited libraries or licensing issues
upvoted 1 times
...
flafernan
2 years ago
Selected Answer: B
B - No. Implementing automated security testing does not specifically address the issues of licensing violations and prohibited libraries. While automated security testing is important for identifying vulnerabilities and security issues in code, it is not focused on issues related to licenses and libraries.
upvoted 2 times
...
flafernan
2 years ago
B - No. Implementing automated security testing does not specifically address the issues of licensing violations and prohibited libraries. While automated security testing is important for identifying vulnerabilities and security issues in code, it is not focused on issues related to licenses and libraries.
upvoted 1 times
...
catfood
2 years ago
Selected Answer: B
licencing issues isn't security scanning.... "finding and fixing open source vulnerabilities" using mend bolt, yes that would likely come under security scanning.
upvoted 2 times
...
DGladiator
2 years, 2 months ago
GPT4 Yes, implementing automated security testing with the right tools could meet the goal, but only partially. Automated security testing can help identify security vulnerabilities in your software, but on its own, it may not be fully equipped to identify licensing violations or usage of prohibited libraries.
upvoted 1 times
...
Mcs_
2 years, 3 months ago
No, this does not meet the goal. Automated security testing can help identify some security issues in the code, such as vulnerabilities, misconfigurations, or malicious code. However, automated security testing cannot detect licensing violations or prohibited libraries, which are related to the legal and compliance aspects of using open-source software. To identify these issues, you need to use a tool that can scan the open-source components and their licenses in your application, such as WhiteSource Bolt.
upvoted 3 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel