Which of the following controls BEST protects the integrity of the software build and deployment pipeline?
Regular backups of all source code in the deployment pipeline
Penetration testing of the pipeline environment
Implementing strong network firewalls for the infrastructure hosting the pipeline
Code signing and verification throughout the pipeline
The correct answer is code signing and verification throughout the pipeline. Code signing creates a digital signature for code artifacts at each stage of the build and deployment pipeline, allowing verification that the code has not been tampered with between stages. This directly ensures the integrity of the software as it moves from development to production.
Regular backups of source code help with availability and disaster recovery but don't directly protect against tampering during the build and deployment process. Backups preserve code but don't verify its integrity throughout the pipeline.
Penetration testing of the pipeline environment may identify vulnerabilities and therefore protect the integrity of the build pipeline. However, it's a detective rather than preventive control for pipeline integrity.
Implementing strong network firewalls helps protect the infrastructure hosting the pipeline but doesn't specifically verify the integrity of code artifacts moving through the pipeline. Firewalls primarily control network access rather than detecting code tampering.
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
All IT & Cybersecurity Package plans include the following perks and exams .
Our pricing is simple. Full access to all certifications and exams in each package, for one price.
As many practice tests for as many topics as you want.
Use study mode non-stop, no limits.
Access to our AI assistant, Bash, trained to help you pass your exam.
Track your scores over time in study mode and report cards.
See how you improve over time, and where you need to focus.
Access our store with even bigger discounts than before.
Unlimited access to all performance questions and be prepared for the real thing.
All IT & Cybersecurity Package plans include unlimited access to the following study materials.
Create an account or sign in to access our study materials.