Microsoft Exam SC-100 Topic 4 Question 49 Discussion

Actual exam question for Microsoft's SC-100 exam

Question #: 49
Topic #: 4

You are creating an application lifecycle management process based on the Microsoft Security Development Lifecycle (SDL).

You need to recommend a security standard for onboarding applications to Azure. The standard will include recommendations for application design, development, and deployment

What should you include during the application design phase?

Astatic application security testing (SAST) by using SonarQube

Bdynamic application security testing (DAST) by using Veracode

Cthreat modeling by using the Microsoft Threat Modeling Tool

Dsoftware decomposition by using Microsoft Visual Studio Enterprise

Show Suggested Answer

Suggested Answer: D

by Leana at Aug 23, 2024, 05:05 PM

Limited Time Offer

25%

Off

Get Premium SC-100 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Aretha

9 days ago

SonarQube for SAST? Nah, that's for the coding phase. Threat modeling is where it's at for the design phase. *winks*

upvoted 0 times

...

Detra

11 days ago

I agree, threat modeling is crucial for secure application design. It's a comprehensive way to assess potential threats and mitigate them proactively.

upvoted 0 times

...

Rory

20 days ago

I think software decomposition with Microsoft Visual Studio Enterprise should also be included for a comprehensive security standard.

upvoted 0 times

...

Flo

23 days ago

Threat modeling using the Microsoft Threat Modeling Tool seems like the right choice here. It helps identify potential security vulnerabilities early in the design phase.

upvoted 0 times

...

Erick

25 days ago

I agree with Samira, threat modeling with the Microsoft Threat Modeling Tool is crucial for security.

upvoted 0 times

...

Samira

26 days ago

I think we should include threat modeling during the application design phase.

upvoted 0 times

...