Answer-first summary for fast verification
Answer: GitHub Advanced Security
GitHub Advanced Security is the best solution to meet the application development requirements. It provides features such as code scanning, which searches for potential security vulnerabilities and coding errors in the code, and secret scanning, which detects secrets like keys and tokens that are checked into the repository. Additionally, GitHub Advanced Security performs scans at the time the code is pushed to a repository, which aligns perfectly with the requirement that scanning must occur when the code is pushed. Azure Key Vault, Azure DevTest Labs, and Application Insights in Azure Monitor do not provide the necessary capabilities to scan code for security vulnerabilities and secrets at the time of code push.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
You need to recommend a solution for scanning an application's code to ensure it meets specific development requirements. The code will be stored in GitHub Enterprise, and any modifications to the codebase must be checked for security vulnerabilities. This includes detecting application code or configuration files that contain secrets in clear text. It's important that the code scanning occurs at the time the code is pushed to the repository. What solution should you recommend?
A
GitHub Advanced Security
B
Azure Key Vault
C
Azure DevTest Labs
D
Application Insights in Azure Monitor