Microsoft
AZ-400 · Question #224
You are designing the security validation strategy for a project in Azure DevOps. You need to identify package dependencies that have known security issues and can be resolved by an update. What shoul
The correct answer is D. SonarQube. SonarQube is an open-source platform developed by SonarSource for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities on 20+ programming languages.
Submitted by suresh_in· Mar 6, 2026Develop a security and compliance plan
Question
You are designing the security validation strategy for a project in Azure DevOps. You need to identify package dependencies that have known security issues and can be resolved by an update. What should you use?
Options
- AOctopus Deploy
- BJenkins
- CGradle
- DSonarQube
How the community answered
(29 responses)- A3% (1)
- C3% (1)
- D93% (27)
Explanation
SonarQube is an open-source platform developed by SonarSource for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities on 20+ programming languages.
Community Discussion
No community discussion yet for this question.