CompTIA CySA+ (CS0-002) — Question 268
A software developer is correcting the error-handling capabilities of an application following the initial coding of the fix. Which of the following would the software developer MOST likely perform to validate the code prior to pushing it to production?
Answer options
- A. Web-application vulnerability scan
- B. Static analysis
- C. Packet inspection
- D. Penetration test
Correct answer: B
Explanation
Static analysis is the correct choice because it lets the developer examine the source code for potential issues without executing it, so the corrected error-handling logic can be checked before the code is pushed to production. Other options, such as penetration testing or vulnerability scans, focus on finding security flaws in a running application rather than validating code correctness.