CompTIA Cloud Essentials+ (CLO-002) — Question 93

A development team just deployed a new code release to the staging environment. Change management procedures dictate that all new code must be checked for vulnerabilities prior to release. Which of the following will the security analyst most likely perform prior to the code being deployed to production?

Answer options

• A. A penetration test
• B. A malware scan
• C. An application scan
• D. A load test

Correct answer: C

Explanation

The correct answer is C, as an application scan specifically checks the code for vulnerabilities and security flaws before it goes into production. A penetration test (A) simulates attacks on the system which is more appropriate after deployment, a malware scan (B) looks for existing malware rather than vulnerabilities in the code itself, and a load test (D) assesses performance under heavy usage rather than security.