Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Cisco Exam 300-910 Topic 13 Question 74 Discussion

Actual exam question for Cisco's 300-910 exam
Question #: 74
Topic #: 13
[All 300-910 Questions]

Which two practices help make the security of an application a more integral part of the software development lifecycle? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: C

by Margot at May 09, 2024, 10:53 PM

Limited Time Offer

25%

Off

Get Premium 300-910 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Rickie
1 months ago
A and B for sure, gotta automate that security testing. C is a hard pass, I'm not living in the dark ages. D sounds like the dev team is just trying to cut corners.
upvoted 0 times
...
Dona
1 months ago
I'm going with A and B - can't have too much security, right? Although, E might be good for the paranoid developers out there. Maybe they'll throw in a tinfoil hat too!
upvoted 0 times
...
Latanya
1 months ago
D seems a bit odd, I don't think just releasing more often is the answer. Although, maybe it's to get security updates out faster... Interesting dilemma!
upvoted 0 times
Susana
2 days ago
A) Add a step to the CI/CD pipeline that runs a dynamic code analysis tool during the pipeline execution.
upvoted 0 times
...
...
Loise
2 months ago
Hmm, I'm not sure C is a good idea - relying solely on in-house code could limit innovation. But E is an interesting one, gotta keep those keys safe!
upvoted 0 times
Shantay
26 days ago
E) Ensure that the code repository server has enabled drive encryption and stores the keys on a Trusted Platform Module or Hardware Security Module.
upvoted 0 times
...
Narcisa
1 months ago
B) Add a step to the CI/CD pipeline that runs a static code analysis tool during the pipeline execution.
upvoted 0 times
...
Fairy
2 months ago
A) Add a step to the CI/CD pipeline that runs a dynamic code analysis tool during the pipeline execution.
upvoted 0 times
...
...
Lashawn
2 months ago
Ah, finally a question that's not just about memorizing definitions! A and B seem like the most practical options - integrating security into the development process is key.
upvoted 0 times
...
Nydia
2 months ago
I also believe that using software modules written by the internal team can enhance security, so option C could be another good choice.
upvoted 0 times
...
Eun
2 months ago
I agree with Avery. Running dynamic and static code analysis tools during the CI/CD pipeline can help catch security issues early on.
upvoted 0 times
...
Avery
2 months ago
I think options A and B are the best practices for integrating security into the software development lifecycle.
upvoted 0 times
...
Nan
2 months ago
I also believe that using software modules written by the internal team can enhance security, so option C could be another good practice.
upvoted 0 times
...
Kassandra
3 months ago
I agree with Kenia. Running dynamic and static code analysis tools during the CI/CD pipeline can help catch security issues early.
upvoted 0 times
...
Kenia
3 months ago
I think options A and B are the best practices for integrating security into the software development lifecycle.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77