Question 18 - EC-Council 312-97 Exam Questions [May 2026 Update]

Q: 18

(Alexander Hamilton has been working as a senior DevSecOps engineer in an IT company located in Greenville, South Carolin a. In January of 2012, his organization because a victim of a cyber security attack and incurred a tremendous loss. Alexander’s organization immediately adopted AWS cloud-based services after the attack to develop robust software products securely and quickly. To detect security issues in code review, Alexander would like to integrate SonarQube with AWS Pipeline; therefore, he created a pipeline in AWS using CloudFormation pipeline template. Then, he selected SonarQube tool from the tools dropdown, provided the required stack parameters, and also provided email address for receiving email notifications of changes in pipeline status and approvals. He deployed the pipeline after entering the required information. What will happen when changes are committed in the application repository?.)

Options

Correct Answer:

Explanation

When changes are committed to a source repository configured in an AWS CodePipeline, an Amazon CloudWatch Event (now part of Amazon EventBridge) is generated. AWS CodePipeline uses a CloudWatch Events rule to detect these source changes (e.g., a push to an AWS CodeCommit repository). This event acts as a trigger, automatically starting a new execution of the pipeline. This event-driven mechanism ensures that the CI/CD process is initiated immediately upon a code change, facilitating continuous integration and delivery.

Why Incorrect

A. Cloud Config is used for auditing and evaluating AWS resource configurations, not for triggering pipelines from code commits.

B. BinSkim is a static analysis tool for binaries; it is a tool used within a pipeline, not an event that triggers it.

D. Security Hub aggregates security findings from various AWS services; it does not trigger pipeline executions based on repository changes.

References

1. AWS Documentation. (2023). Start a pipeline execution in CodePipeline. AWS CodePipeline User Guide. Retrieved from https://docs.aws.amazon.com/codepipeline/latest/userguide/pipelines-start.html. (See the section "Start a pipeline automatically with source code changes," which states, "We recommend you use Amazon CloudWatch Events to detect the latest change and then start your pipeline.")

2. AWS Documentation. (2023). Tutorial: Create a simple pipeline (CodeCommit repository). AWS CodePipeline User Guide. Retrieved from https://docs.aws.amazon.com/codepipeline/latest/userguide/tutorials-simple-codecommit.html. (Step 2 mentions that for CodeCommit, "a CloudWatch Events rule is created to detect changes and start the pipeline.")

Premium Access Includes

FLASH OFFER

avail 10% DISCOUNT on YOUR PURCHASE