CompTIA CySA+ (CS0-003) — Question 460

A DevOps analyst implements a webhook to trigger code vulnerability scanning for submissions to the repository. Which of the following is the primary benefit of this enhancement?

Answer options

• A. To increase coverage by making the process occur automatically with uploads
• B. To create a single pane of glass dashboard for the vulnerability management process
• C. To include a threat feed component into the software development life cycle
• D. To employ data enrichment for new code commits to enhance project documentation

Correct answer: A

Explanation

The correct answer is A because automating the vulnerability scanning process with uploads ensures that every code submission is scanned, increasing coverage and reducing the chance of vulnerabilities being overlooked. The other options, while beneficial in different contexts, do not directly relate to the primary advantage of triggering scans automatically with repository submissions.