ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-100 All Questions

View all questions & answers for the SC-100 exam
Go to Exam

Exam SC-100 topic 4 question 5 discussion

Actual exam question from Microsoft's SC-100
Question #: 5
Topic #: 4
[All SC-100 Questions]

You are creating an application lifecycle management process based on the Microsoft Security Development Lifecycle (SDL).
You need to recommend a security standard for onboarding applications to Azure. The standard will include recommendations for application design, development, and deployment.
What should you include during the application design phase?

  • A. software decomposition by using Microsoft Visual Studio Enterprise
  • B. dynamic application security testing (DAST) by using Veracode
  • C. threat modeling by using the Microsoft Threat Modeling Tool
  • D. static application security testing (SAST) by using SonarQube
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by prabhjot at Sept. 2, 2022, 10:01 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
prabhjot
Highly Voted 2 years, 9 months ago
100% correct
upvoted 12 times
...
awssecuritynewbie
Highly Voted 2 years, 4 months ago
Selected Answer: C
never would MS recommend a 3rd party tool so it would be C
upvoted 6 times
...
sbukhzam
Most Recent 6 months, 3 weeks ago
Selected Answer: A
A or C both are MS..From Chatgpt :Software decomposition using Microsoft Visual Studio Enterprise typically occurs in the Design Phase of the Secure Development Lifecycle (SDL).
upvoted 1 times
...
zellck
2 years, 1 month ago
Selected Answer: C
C is the answer. https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/secure/devsecops-controls#plan-and-develop Typically, modern development follows an agile development methodology. Scrum is one implementation of agile methodology that has every sprint start with a planning activity. Introducing security into this part of the development process should focus on: - Threat modeling to view the application through the lens of a potential attacker
upvoted 1 times
...
Ajdlfasudfo0
2 years, 3 months ago
Selected Answer: C
https://learn.microsoft.com/en-us/windows/security/threat-protection/msft-security-dev-lifecycle
upvoted 1 times
...
TJ001
2 years, 5 months ago
Agree with C
upvoted 3 times
...
ksksilva2022
2 years, 7 months ago
Selected Answer: C
https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool
upvoted 3 times
...
SelloLed
2 years, 7 months ago
Answer= C
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel