Practice Test 2 | Google Cloud Certified Professional Cloud Architect | Dumps | Mock Test
Your company places a high value on being responsive and meeting customer needs quickly. Their primary business objectives are release speed and agility. You want to reduce the chance of security errors being accidentally introduced. Which two actions can you take? (Select TWO)
A. Use source code security analyzers as part of the CI/CD pipeline.
B. Ensure you have stubs to unit test all interfaces between components.
C. Ensure every code check-in is peer reviewed by a security SME.
D. Run a vulnerability security scanner as part of your continuous-integration /continuous- delivery (CI/CD) pipeline.
E. Enable code signing and a trusted binary repository integrated with your CI/CD pipeline.
Correct Answer: A and D
A (Correct answer) – it’s generally considered as a good practice to leverage source code security analyzers integrated with your CI/CD pipeline.
D (Correct Answer) – Run a vulnerability security scanner as part of your continuous-integration /continuous-delivery (CI/CD) pipeline – it’s generally considered as a good practice to do Security scanning of the application and infrastructure as part of the CI/CD pipeline.
B – Ensure you have stubs to unit test all interfaces between components – this is just one of the specific approaches to unit testing your code, not for security error detection.
C and E – The process is not required for an agile practice and it would slow down not speed up the release. Also, those do not specifically have added value for security error detection.
Comments are closed, but trackbacks and pingbacks are open.