Your company is concerned that when developers introduce open source libraries, it creates licensing compliance issues. You need to add an automated process to the build pipeline to detect when common open source libraries are added to the code base. What should you use?

QuestionsCategory: AZ-400Your company is concerned that when developers introduce open source libraries, it creates licensing compliance issues. You need to add an automated process to the build pipeline to detect when common open source libraries are added to the code base. What should you use?
Admin Staff asked 4 months ago
Your company is concerned that when developers introduce open source libraries, it creates licensing compliance issues.
You need to add an automated process to the build pipeline to detect when common open source libraries are added to the code base.
What should you use?

A. Microsoft Visual SourceSafe

B. Code Style

C. Black Duck

D. Jenkins








 

Suggested Answer: C

Secure and Manage Open Source Software
Black Duck helps organizations identify and mitigate open source security, license compliance and code-quality risks across application and container portfolios.
Black Duck Hub and its plugin for Team Foundation Server (TFS) allows you to automatically find and fix open source security vulnerabilities during the build process, so you can proactively manage risk. The integration allows you to receive alerts and fail builds when any Black Duck Hub policy violations are met.
Note:
There are several versions of this question in the exam. The question has two possible correct answers:
✑ Black Duck
✑ WhiteSource Bolt
Other incorrect answer options you may see on the exam include the following:
✑ OWASP ZAP
✑ PDM
✑ SourceGear
SourceGear Vault -
 Reference Image
Reference:
https://marketplace.visualstudio.com/items?itemName=black-duck-software.hub-tfs

This question is in AZ-400 Exam
For getting Microsoft DevOps Engineer Expert Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Microsoft. 
The website does not contain actual questions and answers from Microsoft's Certification Exams.
Trademarks, certification & product names are used for reference only and belong to Microsoft.

Recommended

Welcome Back!

Login to your account below

Create New Account!

Fill the forms below to register

Retrieve your password

Please enter your username or email address to reset your password.