A development team uses open-source software and follows an Agile methodology with two-week sprints. Last month, the security team filed a bug for an insecure version of a common library. The DevOps team updated the library on the server, and then the security team rescanned the server to verify it was no longer vulnerable. This month, the security team found the same vulnerability on the server. Which of the following should be done to correct the cause of the vulnerability?
A. Deploy a WAF in front of the application.
B. Implement a software repository management tool.
C. Install a HIPS on the server.
D. Instruct the developers to use input validation in the code.
Answer: B. Implement a software repository management tool.
You might also like to view...
What does a binary search tree have in common with a linked list?
a. The node has pointers to other nodes b. It has a head and a tail c. It uses two pointers or links to leaf nodes d. It always inserts at the end
After adding a picture as a background, slide text will always be easier to read due to the contrast between the font and the background image
Indicate whether the statement is true or false
Social engineering is the act of manipulating users into revealing confidential information
Indicate whether the statement is true or false
Both RANK.EQ and RANK.AVG functions have the same arguments.
Answer the following statement true (T) or false (F)