ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-400 All Questions

View all questions & answers for the AZ-400 exam
Go to Exam

Exam AZ-400 topic 4 question 41 discussion

Actual exam question from Microsoft's AZ-400
Question #: 41
Topic #: 4
[All AZ-400 Questions]

Your company is concerned that when developers introduce open source libraries, it creates licensing compliance issues.
You need to add an automated process to the build pipeline to detect when common open source libraries are added to the code base.
What should you use?

  • A. Microsoft Visual SourceSafe
  • B. Code Style
  • C. Black Duck
  • D. Jenkins
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by UnknowMan at May 7, 2022, 9:47 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Eltooth
Highly Voted 3 years, 2 months ago
Selected Answer: C
C is correct answer. FYI - there will be an update to exam content in June 2022 and all 3rd party questions will be removed.
upvoted 7 times
...
dang12394
Most Recent 1 year ago
Selected Answer: C
quack quack
upvoted 2 times
...
zellck
2 years, 2 months ago
Selected Answer: C
C is the answer. https://marketplace.visualstudio.com/items?itemName=black-duck-software.detect-for-tfs The Black Duck by Synopsys plugin for TFS and Azure DevOps allows automatic identification of open source security vulnerabilities during your application build process. The integration allows you to enforce policies configured in Black Duck to receive alerts and fail builds when policy violations are met.
upvoted 2 times
zellck
2 years, 2 months ago
Black Duck by Synopsys helps organizations identify and manage open source security, license compliance and operational risks across applications and containers. Black Duck is powered by the world’s largest open source KnowledgeBase™, which containins information from over 13,000 unique sources, includes support for over 80 programming languages, provides timely and enhanced vulnerability information, and is backed by a dedicated team of open source and security experts. The KnowledgeBase™, combined with the broadest support for platforms, languages and integrations, is why 2,000 organizations worldwide rely on Black Duck to secure and manage open source.
upvoted 1 times
...
...
syu31svc
3 years ago
Selected Answer: C
"Overview Black Duck Hub and its plugin for Team Foundation Server (TFS) allows you to automatically find and fix open source security vulnerabilities during the build process, so you can proactively manage risk. The integration allows you to receive alerts and fail builds when any Black Duck Hub policy violations are met." Link supports C as the answer
upvoted 3 times
...
Govcomm
3 years ago
Blackduck
upvoted 1 times
...
UnknowMan
3 years, 2 months ago
Correct
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel