CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Microsoft
  5. AZ-400

Free AZ-400 Exam Braindumps (page: 36)

Page 35 of 128
PDF with 564 Questions

You use WhiteSource Bolt to scan a Node.js application.

The WhiteSource Bolt scan identifies numerous libraries that have invalid licenses. The libraries are used only during development and are not part of a production deployment.
You need to ensure that WhiteSource Bolt only scans production dependencies.

Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

  1. Run npm install and specify the --production flag.
  2. Modify the WhiteSource Bolt policy and set the action for the licenses used by the development tools to Reassign.
  3. Modify the devDependencies section of the project’s Package.json file.
  4. Configure WhiteSource Bolt to scan the node_modules directory only.

Answer(s): A,D

Explanation:

A: To resolve NPM dependencies, you should first run "npm install" command on the relevant folders before executing the plugin.

C: All npm packages contain a file, usually in the project root, called package.json – this file holds various metadata relevant to the project. This file is used to give information to npm that allows it to identify the project as well as handle the project's dependencies. It can also contain other metadata such as a project description, the version of the project in a particular distribution, license information, even configuration data – all of which can be vitalto both npm and to the end users of the package.


Reference:

https://whitesource.atlassian.net/wiki/spaces/WD/pages/34209870/NPM+Plugin
https://nodejs.org/en/knowledge/getting-started/npm/what-is-the-file-package-json



Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You plan to update the Azure DevOps strategy of your company.

You need to identify the following issues as they occur during the company’s development process:
-Licensing violations
-Prohibited libraries

Solution: You implement continuous integration. Does this meet the goal?

  1. Yes
  2. No

Answer(s): B

Explanation:

WhiteSource is the leader in continuous open source software security and compliance management. WhiteSource integrates into your build process, irrespective of your programming languages, build tools, or development environments. It works automatically, continuously, and silently in the background, checking the security, licensing, and quality of your open source components against WhiteSource constantly-updated definitive database of open source repositories.


Reference:

https://azuredevopslabs.com/labs/vstsextend/whitesource/



Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You plan to update the Azure DevOps strategy of your company.

You need to identify the following issues as they occur during the company’s development process:
-Licensing violations
-Prohibited libraries

Solution: You implement pre-deployment gates. Does this meet the goal?

  1. Yes
  2. No

Answer(s): B

Explanation:

Instead use implement continuous integration.

Note: WhiteSource is the leader in continuous open source software security and compliance management. WhiteSource integrates into your build process, irrespective of your programming languages, build tools, or development environments. It works automatically, continuously, and silently in the background, checking the security, licensing, and quality of your open source components against WhiteSource constantly-updated definitive database of open source repositories.


Reference:

https://azuredevopslabs.com/labs/vstsextend/whitesource/



Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You plan to update the Azure DevOps strategy of your company.

You need to identify the following issues as they occur during the company’s development process:
-Licensing violations
-Prohibited libraries

Solution: You implement automated security testing. Does this meet the goal?

  1. Yes
  2. No

Answer(s): B

Explanation:

Instead use implement continuous integration.

Note: WhiteSource is the leader in continuous open source software security and compliance management. WhiteSource integrates into your build process, irrespective of your programming languages, build tools, or development environments. It works automatically, continuously, and silently in the background, checking the security, licensing, and quality of your open source components against WhiteSource constantly-updated definitive database of open source repositories.


Reference:

https://azuredevopslabs.com/labs/vstsextend/whitesource/






Post your Comments and Discuss Microsoft AZ-400 exam with other Community members:

AZ-400 Exam Discussions & Posts