A company wants to follow the Azure DevOps strategy for their development and deployment process. They want to ensure that during the development phase the following are requirements. Scanning of 3rd party packages in the code base for vulnerabilities
Checking for unlicensed libraries in the code base
The company decides to implement these checks using Continuous Integration. 
Would this fulfill the requirement?

Answer options:

A.Yes
B.No

Answer – A 
Yes, you would use tools as part of the Continuous Integration process to check these vulnerabilities. 
The Microsoft documentation mentions the following representation on the CI/CD pipeline. 

For more information on security validation in the CI/CD pipeline, please visit the following URL- 

https://docs.microsoft.com/en-us/azure/devops/migrate/security-validation-cicd-pipeline?view=azure-devops