Google Cloud Professional Cloud Architect — Question 102

Your company places a high value on being responsive and meeting customer needs quickly. Their primary business objectives are release speed and agility. You want to reduce the chance of security errors being accidentally introduced.
Which two actions can you take? (Choose two.)

Answer options

• A. Ensure every code check-in is peer reviewed by a security SME
• B. Use source code security analyzers as part of the CI/CD pipeline
• C. Ensure you have stubs to unit test all interfaces between components
• D. Enable code signing and a trusted binary repository integrated with your CI/CD pipeline
• E. Run a vulnerability security scanner as part of your continuous-integration /continuous-delivery (CI/CD) pipeline

Correct answer: B, E

Explanation

Using source code security analyzers as part of the CI/CD pipeline (option B) helps identify vulnerabilities early in the development process, while running a vulnerability security scanner (option E) ensures ongoing monitoring of security issues during deployment. The other options, while beneficial for different reasons, do not directly address the immediate integration of security measures into the fast-paced release cycle.