Practice Test 5 | Designing And Implementing Microsoft DevOps Solutions | AZ-400 | Dumps | Mock Test
A company wants to implement DevOps processes for a set of applications. These applications are based on the .Net framework. They want to ensure that security validation is performed during each stage of the application lifecycle. They want to ensure the following.
- Static Code Analysis is performed during the development stage.
- Static Code Analysis is performed during the Continuous Integration stage.
- All high severity issues are logged in a tracking tool.
You have to advise on the right tool that can be used for these requirements.
Which of the following can be used for the requirement?
“Static Code Analysis is performed during the development stage”.
A. Slack
B. Jenkins
C. SonarQube
D. PMD
E. Azure Boards
Answer – C
SonarQube is a code analysis tool that can be used during the development and continuous integration stage.
Below is a snippet from the SonarQube documentation on what you can achieve with the tool.
Option A is incorrect since this is a collaboration-based tool.
Option B is incorrect since this is a continuous integration tool.
Option D is incorrect since this tool can be used for Java-based applications only.
Option E is incorrect since this tool is used for managing software projects.
For more information on SonarQube, please visit the below URL-
Comments are closed, but trackbacks and pingbacks are open.