Your organization uses GitHub and wants to implement a policy that requires all pull requests to be approved by at least two members of the 'security-team' team before merging. The 'security-team' team is a child team of 'engineering'. Which branch protection rule setting should you use?
This enforces approval from two members of the specified team.
Why this answer
Option D is correct because the 'Require pull request reviews before merging' rule with 'Required reviewers' set to the team slug 'security-team' enforces approval from two members of that specific team. Option A (Require code owner review) would require a CODEOWNERS file and only enforce from listed owners. Option B (Dismiss stale reviews) is unrelated.
Option C (Restrict who can dismiss reviews) does not set the reviewer requirement.