CompTIA CASP+ (CAS-003) — Question 293
The director of sales asked the development team for some small changes to increase the usability of an application used by the sales team. Prior security reviews of the code showed no significant vulnerabilities, and since the changes were small, they were given a peer review and then pushed to the live environment. Subsequent vulnerability scans now show numerous flaws that were not present in the previous versions of the code.
Which of the following is an SDLC best practice that should have been followed?
Answer options
- A. Versioning
- B. Regression testing
- C. Continuous integration
- D. Integration testing
Correct answer: B
Explanation
Regression testing is crucial after any change, however small, to ensure that new code does not introduce new vulnerabilities or break existing functionality. The other choices, while important in the software development lifecycle, do not specifically verify that recent changes have not negatively impacted the application's security or usability.