ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CS0-002 All Questions

View all questions & answers for the CS0-002 exam
Go to Exam

Exam CS0-002 topic 1 question 178 discussion

Actual exam question from CompTIA's CS0-002
Question #: 178
Topic #: 1
[All CS0-002 Questions]

A software developer is correcting the error-handling capabilities of an application following the initial coding of the fix. Which of the following would the software developer MOST likely perform to validate the code prior to pushing it to production?

  • A. Web-application vulnerability scan
  • B. Static analysis
  • C. Packet inspection
  • D. Penetration test
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by piotr3439 at Sept. 14, 2022, 6:32 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
bigerblue2002
Highly Voted 2 years, 9 months ago
Selected Answer: B
I think B. What is static analysis? Static analysis is a method of analyzing code for defects, bugs, or security issues prior to pushing to production. https://cloudacademy.com/blog/what-is-static-analysis-within-ci-cd-pipelines/
upvoted 12 times
1oldman
2 years, 3 months ago
Good link, thanks.
upvoted 2 times
...
2Fish
2 years, 3 months ago
Agree, this is B for sure.
upvoted 2 times
...
...
d8viey
Most Recent 1 year, 7 months ago
Selected Answer: B
B. Key words in the question "validate the code" = SAST
upvoted 1 times
...
thenewpcgamer
2 years, 2 months ago
Web-application vulnerability scan could only be performed after the code is already pushed correct?
upvoted 2 times
...
MrRobotJ
2 years, 7 months ago
Selected Answer: B
in the real world, a security guy will do WAS not a dev guy. B is the right answer
upvoted 2 times
...
[Removed]
2 years, 9 months ago
Selected Answer: B
B is the only one that makes sense to me.
upvoted 3 times
...
marc4354345
2 years, 9 months ago
Selected Answer: A
I thought B first, but testing error-handling capabilities is IMO hard to do with only static code analysis. Dynamic testing would be more relevant, which leaves only A.
upvoted 2 times
Treymb6
2 years, 9 months ago
Since when does a vulnerability scan validate application code? Also nowhere does it say that the application is web-related. It's B.
upvoted 7 times
...
...
piotr3439
2 years, 9 months ago
Not B? Why?
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel