BenchMark Quizzes by MDFT Pro

Select the Correct Method to Scan for Open Source

MDFT Pro has an Azure DevOps project, which includes a build pipeline that makes use of approximately fifty open source libraries. You have been hired by MDFT Pro to ensure that the project can be scanned for common security weaknesses in the open source libraries.

Which of the following actions should you take?

Choose the correct answer from the options below.

Explanations for each answer:

You should create a build task and use the Mend Bolt service. is correct.
You should create a deployment task and use the Mend Bolt service. is incorrect. Mend Bolt should be integrated as a build task, not a deployment task. It needs to scan the code during the build process before deployment to identify security vulnerabilities in open source components.
You should create a build task and use the Chef service. is incorrect. Chef is a configuration management tool used for infrastructure automation, not specifically for scanning security weaknesses in open source libraries. It wouldn't be the appropriate tool for this security scanning requirement.
You should create a deployment task and use the Chef service. is incorrect. Chef is a configuration management tool for infrastructure automation. It's not designed to scan for security vulnerabilities in open source libraries, and implementing it as a deployment task wouldn't address the security scanning requirements.

Learn more about the Mend Bolt extension for Azure DevOps.:

Mend Bolt Extension

Exam Preparation Quiz

Select the Correct Method to Scan for Open Source