CompTIA CySA+ (CS0-002) — Question 63

Which of the following can detect vulnerable third-party libraries before code deployment?

Answer options

• A. Impact analysis
• B. Dynamic analysis
• C. Static analysis
• D. Protocol analysis

Correct answer: C

Explanation

Static analysis is an effective approach for identifying vulnerabilities in third-party libraries before the code is deployed, as it examines the code without executing it. In contrast, dynamic analysis evaluates a running application, which may miss issues in libraries that aren't executed in the test environment. Impact analysis focuses on understanding the consequences of changes, while protocol analysis inspects data transmission protocols, neither of which directly addresses library vulnerabilities.