nerdexam
Isaca

CDPSE · Question #31

Which of the following BEST ensures a mobile application implementation will meet an organization's data security standards?

The correct answer is D. Automatic dynamic code scan. Automatic dynamic code scanning (DAST - Dynamic Application Security Testing) tests the running mobile application in real time, identifying runtime vulnerabilities such as insecure data transmission, improper session handling, and data leakage that static analysis or reviews wou

Privacy Architecture

Question

Which of the following BEST ensures a mobile application implementation will meet an organization's data security standards?

Options

  • AUser acceptance testing (UAT)
  • BData classification
  • CPrivacy impact assessment (PIA)
  • DAutomatic dynamic code scan

How the community answered

(52 responses)
  • A
    19% (10)
  • B
    6% (3)
  • C
    10% (5)
  • D
    65% (34)

Explanation

Automatic dynamic code scanning (DAST - Dynamic Application Security Testing) tests the running mobile application in real time, identifying runtime vulnerabilities such as insecure data transmission, improper session handling, and data leakage that static analysis or reviews would miss. It continuously validates security posture throughout the development lifecycle. Option A (UAT) tests functional requirements from a user's perspective, not security compliance. Option B (data classification) defines sensitivity levels but does not directly test the application's security implementation. Option C (PIA) assesses privacy risks in the design phase but does not test the implemented code for technical security flaws.

Topics

#Application Security#Mobile Security#Dynamic Analysis#Security Testing

Community Discussion

No community discussion yet for this question.

Full CDPSE Practice