A development group often integrates external libraries into their product. They want a practice that helps them precisely track each piece so they can quickly see which versions are affected if a flaw is discovered. Which approach meets that goal?
Use runtime scanning that flags suspicious behavior in each external module
Perform a suite of regression tests after major deployments to detect library-based flaws
Implement containerization so that an exploit in one library cannot spread to other modules
Track outside components, with each version and license noted, to see which builds need updates
Maintaining a detailed inventory of all external libraries, with each one's version and license recorded, is what a software bill of materials (SBoM) provides. With that inventory in hand, the team can immediately identify which builds contain a library once a vulnerability in it is disclosed, and schedule the updates. The other options, runtime monitoring, isolation through containerization, and regression testing, can help detect or contain a problem after the fact, but none of them maintains a comprehensive, per-build record of which components and versions are in use.