CompTIA
CV0-003 Question #465: Real Exam Question with Answer & Explanation
The correct answer is A: Replace the static code analysis with hardening techniques. Replacing static code analysis with hardening techniques embeds security proactively into the development process, eliminating the blocking pre-deployment review gate.
DevOps fundamentals
Question
Cloud developers are experiencing a delay caused by the static code review before each deployment. The security operator and developer must address the issue without cutting corners with security testing. Which of the following would BEST address the delay issue?
Options
- A. Replace the static code analysis with hardening techniques.
- B. Perform the static code analysis earlier in the SDLC.
- C. Perform a penetration test instead of a static code analysis.
- D. Replace the static code analysis with a vulnerability analysis.
Explanation
Replacing static code analysis with hardening techniques embeds security proactively into the development process, eliminating the blocking pre-deployment review gate.
Common mistakes.
- B. Performing static code analysis earlier in the SDLC shifts when it occurs but does not eliminate the analysis step itself or the associated overhead that contributes to delays.
- C. Penetration testing is a more intensive manual assessment method that would increase the time and effort required before deployment, not reduce it.
- D. Vulnerability analysis evaluates known weaknesses in systems and components and does not replace the code-level security review function or reduce deployment delays.
Concept tested. SDLC security - replacing static analysis with hardening controls
Reference. https://owasp.org/www-project-devsecops-guideline/
Topics
#static code analysis #SDLC #DevSecOps #CI/CD pipeline