Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You plan to update the Azure DevOps strategy of your company.
You need to identify the following issues as they occur during the company's development process:
-> Licensing violations
-> Prohibited libraries
Solution: You implement pre-deployment gates.
Does this meet the goal?
Click on the arrows to vote for the correct answer
A. B.B
Instead use implement continuous integration.
Note: WhiteSource is the leader in continuous open source software security and compliance management. WhiteSource integrates into your build process, irrespective of your programming languages, build tools, or development environments. It works automatically, continuously, and silently in the background, checking the security, licensing, and quality of your open source components against WhiteSource constantly-updated definitive database of open source repositories.
https://azuredevopslabs.com/labs/vstsextend/whitesource/The solution presented in the question, which is implementing pre-deployment gates, may help identify some issues in the development process, but it does not specifically address the goal of identifying licensing violations and prohibited libraries.
Pre-deployment gates are used to enforce certain conditions before allowing a deployment to proceed. They can be configured to run automated tests, perform code analysis, check for security vulnerabilities, and other checks. However, they are not specifically designed to identify licensing violations or prohibited libraries.
To address the goal of identifying licensing violations, a company can use a license compliance tool or service that scans the source code for any code that may violate licensing agreements. These tools can help identify dependencies that are using open source software with incompatible licenses, for example.
To address the goal of identifying prohibited libraries, a company can use a security scanning tool that checks the code for known vulnerabilities and issues. These tools can also check for the use of libraries that are known to have security issues or that are prohibited by company policy.
In summary, while pre-deployment gates can be useful in improving the overall quality of the deployment process, they are not a specific solution for identifying licensing violations or prohibited libraries. Therefore, the answer to the question is B. No.