AZ-400 · Question #494
Drag and Drop Question You have an Azure Pipelines application CI/CD pipeline named Pipeline1. You need to add OWASP ZAP testing to Pipeline1. Which four actions should you add to Pipeline1 in sequenc
The correct answer is Pull OWASP ZAP weekly.; Start a container.; Run the baseline.; Report the results.. The correct sequence follows the logical workflow for integrating OWASP ZAP into an Azure Pipeline: first pull the OWASP ZAP weekly Docker image from the registry, then start a container using that image, run the baseline scan (which is the standard passive scan appropriate for C
Question
Exhibit
Answer Area
Drag items
Correct arrangement
- Pull OWASP ZAP weekly.
- Start a container.
- Run the baseline.
- Report the results.
Explanation
The correct sequence follows the logical workflow for integrating OWASP ZAP into an Azure Pipeline: first pull the OWASP ZAP weekly Docker image from the registry, then start a container using that image, run the baseline scan (which is the standard passive scan appropriate for CI/CD pipelines as it doesn't attack the site aggressively), and finally report the results for review. This four-step sequence represents the minimal, standard ZAP integration pattern recommended for CI/CD pipelines where speed and safety are priorities.
Topics
Community Discussion
No community discussion yet for this question.
