ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISA All Questions

View all questions & answers for the CISA exam
Go to Exam

Exam CISA topic 1 question 1813 discussion

Actual exam question from Isaca's CISA
Question #: 1813
Topic #: 1
[All CISA Questions]

Which type of testing is used to identify security vulnerabilities in source code in the development environment?

  • A. Dynamic analysis security testing (DAST)
  • B. Interactive application security testing (IAST)
  • C. Static analysis security testing (SAST)
  • D. Runtime application self-protection (RASP)
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by 46080f2 at March 3, 2025, 3:40 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
46080f2
2 months, 1 week ago
Selected Answer: C
Based on this analysis, Static analysis security testing (SAST) (Option C) is the most appropriate choice. It directly analyzes the source code in the development environment, enabling developers to detect and fix security vulnerabilities early in the process.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago