CompTIA SecurityX (CAS-005) — Question 45

A company recently acquired a SaaS company and performed a gap analysis. The results of the gap analysis Indicate security controls are absent throughout the SDLC and have led to several vulnerable production releases. Which of the following security tools best reduces the risk of vulnerable code being pushed to production in the future?

Answer options

• A. Static application security testing
• B. Regression testing
• C. Code signing
• D. Sandboxing

Correct answer: A

Explanation

Static application security testing (SAST) is designed to identify vulnerabilities in code early in the development process, significantly reducing the risk of insecure code reaching production. Regression testing focuses on ensuring existing functionalities work post-changes, code signing verifies the authenticity of code, and sandboxing provides a safe environment to test applications but does not directly address code vulnerabilities.