Domain-2 - Secure Application Development, Deployment, and Autom

A software development team is implementing a continuous integration (CI) process to streamline their development workflow. Which of the following best describes the primary goal of continuous integration?

A development team is concerned about the security of their web applications and wants to follow best practices to prevent common vulnerabilities. What organization provides a widely recognized set of guidelines and resources for secure application development?

A software development team is implementing a version control system to track changes to the source code. What is the primary benefit of using version control in the software development process?

A development team is deploying an application to a cloud environment that requires the ability to automatically scale based on demand. What concept is most relevant to achieve this elasticity?

A software development team is exploring techniques to protect sensitive data in their applications, particularly during storage and transmission. Which of the following methods is commonly used for protecting data at rest and in transit?

A development team is tasked with improving the resilience and availability of their application. What concept is related to ensuring that the application can handle increased workload and traffic?

A software development team is considering the use of automated scripts to perform routine tasks, such as code testing and deployment. What term is commonly associated with the practice of automating sequences of actions in software development?

A development team wants to ensure the integrity of their codebase by preventing unauthorized changes. What practice involves reviewing and approving code changes before they are merged into the main code repository?

A software development team is deploying a web application and wants to protect it against common security threats such as SQL injection and cross-site scripting. What secure coding technique involves validating and sanitizing user input on the server side?

A development team is concerned about the security implications of using third-party libraries and software development kits (SDKs) in their applications. What practice is essential to mitigate the risks associated with third-party components?