AZ-400 · Question #469
You have a GitHub repository. You need to ensure that all the code in the repository is scanned for vulnerabilities. What should you use?
The correct answer is C. CodeQL actions. Static analysis tool to your code for potential security vulnerabilities and other code-related >Dependabot alerts, focused on dependencies to detect security vulnerabilities. >Branch protection rules, enforce certain checks and restrictions before allowing changes to be merged,
Question
Options
- ADependabot alerts
- Bbranch protection rules
- CCodeQL actions
- DGitHub Advisory Database databases
How the community answered
(27 responses)- A7% (2)
- C89% (24)
- D4% (1)
Explanation
Static analysis tool to your code for potential security vulnerabilities and other code-related >Dependabot alerts, focused on dependencies to detect security vulnerabilities. >Branch protection rules, enforce certain checks and restrictions before allowing changes to be merged, e.g. Require an code review, ensure that all tests pass, specify number of approving >GitHub Advisory Database, Central repository of known vulnerabilities that can be accessed by various security-related tools, e.g. Dependabot.
Community Discussion
No community discussion yet for this question.