CompTIA CySA+ (CS0-002) — Question 81

In web application scanning, static analysis refers to scanning:

Answer options

• A. the system for vulnerabilities before installing the application
• B. the compiled code of the application to detect possible issues.
• C. an application that is installed and active on a system.
• D. an application that is installed on a system that is assigned a static IP.

Correct answer: B

Explanation

The correct answer is B because static analysis specifically entails examining the compiled code to identify vulnerabilities before the application is executed. Options A, C, and D describe other scenarios that do not pertain to the concept of static analysis in web application scanning.