CISSP • Practice Test 4 — 10 Questions
Free CISSP practice test 4 — 10 questions with explanations. No signup required.
A software development company uses a continuous integration/continuous deployment (CI/CD) pipeline that automatically builds and deploys code to production after passing automated tests. The code repository contains proprietary algorithms and customer data. A recent incident was traced to an attacker who injected malicious code into a library that was pulled from a public package repository during the build process. The company wants to prevent similar supply chain attacks without significantly slowing development. Which of the following is the BEST course of action?