A security researcher tells a company that one of its solutions is vulnerable to buffer overflow, leading to malicious code execution. Which of the following is the best way to avoid this vulnerability in future versions?
A. Testing for CSRF vulnerabilities before the application goes to production
B. Using SAST tools to find vulnerabilities as part of the pipeline
C. Implementing canary protection in an earlier life-cycle stage
D. Implementing pair programming to improve development capabilities
✅ B. Using SAST tools to find vulnerabilities as part of the pipeline
Why?
A buffer overflow vulnerability typically occurs due to unsafe coding practices, such as improper memory handling. The best way to catch and prevent such issues early in the development lifecycle is by:
Static Application Security Testing (SAST):
Analyzes source code early in the SDLC (Software Development Life Cycle).
Identifies code-level vulnerabilities like buffer overflows before code is compiled or deployed.
Integrates well into CI/CD pipelines to provide automated, continuous feedback to developers.
This proactive approach helps ensure secure coding practices are enforced from the beginning.
upvoted 1 times
vicbersong
1 month, 2 weeks ago