CompTIA SecurityX (CAS-005) — Question 75
A security researcher tells a company that one of its solutions is vulnerable to a buffer overflow that leads to malicious code execution. Which of the following is the best way to avoid this vulnerability in future versions?
Answer options
- A. Testing for CSRF vulnerabilities before the application goes to production
- B. Using SAST tools to find vulnerabilities as part of the pipeline
- C. Implementing canary protection in an earlier life-cycle stage
- D. Implementing pair programming to improve development capabilities
Correct answer: B
Explanation
The correct answer is B because SAST tools statically analyze source code for vulnerability classes such as buffer overflows, and running them as part of the pipeline catches these defects before the software is deployed. Options A, C, and D address other aspects of security and development practice, but none of them specifically targets identifying and correcting coding vulnerabilities within the development pipeline.