Cisco Exam 300-910 Topic 13 Question 74 Discussion

Actual exam question for Cisco's 300-910 exam

Question #: 74
Topic #: 13

Which two practices help make the security of an application a more integral part of the software development lifecycle? (Choose two.)

AAdd a step to the CI/CD pipeline that runs a dynamic code analysis tool during the pipeline execution.

BAdd a step to the CI/CD pipeline that runs a static code analysis tool during the pipeline execution.

CUse only software modules that are written by the internal team.

DAdd a step to the CI/CD pipeline to modify the release plan so that updated versions of the software are made available more often.

EEnsure that the code repository server has enabled drive encryption and stores the keys on a Trusted Platform Module or Hardware Security Module.

Show Suggested Answer

Suggested Answer: C

by Margot at May 09, 2024, 10:53 PM

Limited Time Offer

25%

Off

Get Premium 300-910 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Loise

9 days ago

Hmm, I'm not sure C is a good idea - relying solely on in-house code could limit innovation. But E is an interesting one, gotta keep those keys safe!

upvoted 0 times

...

Lashawn

11 days ago

Ah, finally a question that's not just about memorizing definitions! A and B seem like the most practical options - integrating security into the development process is key.

upvoted 0 times

...

Nydia

14 days ago

I also believe that using software modules written by the internal team can enhance security, so option C could be another good choice.

upvoted 0 times

...

Eun

16 days ago

I agree with Avery. Running dynamic and static code analysis tools during the CI/CD pipeline can help catch security issues early on.

upvoted 0 times

...

Avery

20 days ago

I think options A and B are the best practices for integrating security into the software development lifecycle.

upvoted 0 times

...

Nan

23 days ago

I also believe that using software modules written by the internal team can enhance security, so option C could be another good practice.

upvoted 0 times

...

Kassandra

24 days ago

I agree with Kenia. Running dynamic and static code analysis tools during the CI/CD pipeline can help catch security issues early.

upvoted 0 times

...

Kenia

28 days ago

I think options A and B are the best practices for integrating security into the software development lifecycle.

upvoted 0 times

...