CISSP Practice Question (Domain 8: Software Development Security)
A development team adopts a CI/CD pipeline that auto-deploys to production upon passing unit tests. Security testing currently runs weekly in a separate environment. A recent release introduced a SQL injection flaw that reached production. As the application security lead, what is the BEST corrective action?
A. Block all deployments until weekly security testing completes
B. Integrate SAST and dependency scanning as gating checks within the pipeline
C. Require manual security review before each production release
D. Shift security testing to a post-deployment runtime monitoring tool
Come back for the answer tomorrow, or study more now!
Vincent Primiani
CISSP Study Group
skool.com/cybersecurity-study-group