KT-APP SAST findings

SAST pipeline fails build on hard-coded AWS keys in a feature branch. Correct outcome?

Multiple choice — select one answer

Answer choices

  1. a. Block merge until secrets removed and rotated if ever committed to default branch
  2. b. Move keys to comments, using shared credentials instead of individual accountability.
  3. c. Disable SAST permanently, using shared credentials instead of individual accountability.
  4. d. Override because deadline is today, without security or identity team coordination per policy.

Architectural breakdown & explanation

SAST gating prevents secret leakage into production lineage.

Correct answer(s): a. Block merge until secrets removed and rotated if ever committed to default branch

Exam domain: SAST findings (25% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the KeyTrain's Key Training — Application Security bank. Run a full timed practice exam with domain-weighted random questions in your browser.