CompTIA
CAS-003 · Question #523
CAS-003 Question #523: Real Exam Question with Answer & Explanation
The correct answer is B: Continuous integration. Code obfuscation just makes it hard to reverse engineer the source code but does little to solve the issue of fixing software bugs during the SDLC. From a security perspective, static analysis tools and Continuous Integration (CI) allows security analysis to be integrated into th
Question
A software development company lost customers recently because of a large number of software issues. These issues were related to integrity and availability defects, including buffer overflows, pointer deferences, and others. Which of the following should the company implement to improve code quality? (Select two).
Options
- ADevelopment environment access controls
- BContinuous integration
- CCode comments and documentation
- DStatic analysis tools
- EApplication containerization
- FCode obfuscation
Explanation
Code obfuscation just makes it hard to reverse engineer the source code but does little to solve the issue of fixing software bugs during the SDLC. From a security perspective, static analysis tools and Continuous Integration (CI) allows security analysis to be integrated into the SDLC, leading to more secure software.
Community Discussion
No community discussion yet for this question.