CS0-003 Question #36: Real Exam Question with Answer & Explanation
The correct answer is C: Use application security scanning as part of the pipeline for the CI/CD flow.
Question
During security scanning, a security analyst regularly finds the same vulnerabilities in a critical application. Which of the following recommendations would best mitigate this problem if applied along the SDLC phase?
Options
- A. Conduct regular red team exercises over the application in production
- B. Ensure that all implemented coding libraries are regularly checked
- C. Use application security scanning as part of the pipeline for the CI/CD flow
- D. Implement proper input validation for any data entry form
Explanation
Application security scanning is a process that involves testing and analyzing applications for security vulnerabilities, such as injection flaws, broken authentication, cross-site scripting, and insecure configuration. Application security scanning can help identify and fix security issues before they become exploitable by attackers. Using application security scanning as part of the pipeline for the continuous integration/continuous delivery (CI/CD) flow can help mitigate the problem of finding the same vulnerabilities in a critical application during security scanning. This is because application security scanning can be integrated into the development lifecycle and performed automatically and frequently as part of the CI/CD process.