CompTIA CASP+ (CAS-004) — Question 274

A company recently implemented a CI/CD pipeline and is now concerned with the current state of its software development processes. The company wants to augment its CI/CD pipeline with a solution to:

• Prevent code configuration drifts.
• Ensure coding standards are followed.

Which of the following should the company implement to address these concerns? (Choose two.)

Answer options

• A. Code signing
• B. Fuzzers
• C. Dynamic code analysis
• D. Manual approval processes
• E. Linters
• F. Regression testing

Correct answer: C, E

Explanation

The correct answers are C and E because Dynamic code analysis helps identify and fix potential vulnerabilities in the code during execution, while Linters analyze code to enforce coding standards. The other options do not specifically address the prevention of code drifts or the enforcement of coding standards.