Microsoft Cybersecurity Architect Expert SC-100
Get started today
Ultimate access to all questions.
Comments
Loading comments...
Ultimate access to all questions.
Your organization is transitioning to a DevOps model for software development and deployment, aiming to enhance agility and efficiency. As the Cybersecurity Architect, you are tasked with embedding security seamlessly into the DevOps lifecycle to mitigate risks without hindering the DevOps speed and automation benefits. The organization operates in a highly regulated industry, requiring compliance with strict data protection standards. Given these constraints, which of the following strategies BEST ensures security is integrated throughout the DevOps process while maintaining compliance and operational efficiency? (Choose one)
A
Delay all security considerations until the final stages of development to avoid slowing down the initial phases, focusing solely on compliance checks before deployment.
B
Implement a separate, parallel security review process that runs independently of the DevOps pipeline to ensure thorough security assessments without affecting development timelines.
C
Adopt a 'Security as Code' approach, integrating automated security testing and compliance checks into the CI/CD pipeline, and foster collaboration between security, development, and operations teams from the outset.
D
Limit the adoption of DevOps tools and practices to only those that have been pre-approved by the security team, significantly reducing the risk of introducing vulnerabilities.