You need to recommend a solution to scan the application code. The solution must meet the
application development requirements. What should you include in the recommendation?
Correct Answer: B
Explanation:
The requirement is to scan application code and meet application development security requirements. GitHub Advanced Security provides:
Code scanning to detect security vulnerabilities in source code.
Secret scanning to identify exposed credentials, keys, and tokens.
Dependency scanning to find vulnerable open-source packages.
Security analysis integrated directly into the development workflow.
Why the others are incorrect
A. Azure Key Vault ❌
Stores and manages secrets, certificates, and encryption keys; it does not scan code.
C. Application Insights in Azure Monitor ❌
Monitors application performance and usage after deployment.
D. Azure DevTest Labs ❌
Provides development and testing environments but does not perform code security scanning.
✅ Correct Answer: B. GitHub Advanced Security.
Question 2
You need to recommend a solution to meet the security requirements for the InfraSec group.
What should you use to delegate the access?
Correct Answer: B
Explanation:
When you need to delegate access while meeting specific security requirements, a custom RBAC role allows you to grant only the exact permissions required by the InfraSec group, following the principle of least privilege.
Why B is correct
Provides granular permissions tailored to the group's needs.
Prevents granting excessive access.
Supports secure delegation of Azure resources.
Why the others are incorrect
A. A subscription ❌
A subscription is a billing and resource container, not a delegation mechanism.
C. A resource group ❌
Organizes resources but does not define permissions by itself.
D. A management group ❌
Used to organize subscriptions and apply governance at scale, not to define custom delegated permissions.
✅ Correct Answer: B. a custom role-based access control (RBAC) role.
Demo Practice Mode
You are viewing only the questions marked as Demo.