300-910 Question #127: Real Exam Question with Answer & Explanation

The correct answer is C: SAST.

Question

A DevOps team must ensure security throughout the CI/CD pipeline production and test these principles:

  • Ensure vulnerabilities are found early in the development lifecycle.
  • Use fewer resources for troubleshooting.
  • Minimize the cost for issue identification.

Which secure DevOps testing method must be used?

Options

  • A. RASP
  • B. DAST
  • C. SAST
  • D. unit testing

Explanation

To find vulnerabilities early in the development lifecycle, reduce troubleshooting resources, and minimize identification costs, Static Application Security Testing (SAST) is the most suitable secure DevOps testing method.

Common mistakes.

  • A. RASP (Runtime Application Self-Protection) integrates into an application to prevent attacks in real-time, but it does not primarily focus on finding vulnerabilities early in the development lifecycle.
  • B. DAST (Dynamic Application Security Testing) scans a running application, finding issues later in the development cycle, which typically incurs higher remediation costs compared to SAST.
  • D. Unit testing focuses on verifying individual code component functionality and is not designed for comprehensive security vulnerability detection across the codebase.

Concept tested. Static Application Security Testing (SAST) benefits.

Reference. https://learn.microsoft.com/en-us/azure/security/develop/secure-devops-best-practices-static-analysis-dynamic-analysis
