CompTIA CySA+ (CS0-003) — Question 13
During security scanning, a security analyst regularly finds the same vulnerabilities in a critical application. Which of the following recommendations would best mitigate this problem if applied during the SDLC?
Answer options
- A. Conduct regular red team exercises over the application in production
- B. Ensure that all implemented coding libraries are regularly checked
- C. Use application security scanning as part of the pipeline for the CI/CD flow
- D. Implement proper input validation for any data entry form
Correct answer: C
Explanation
The key word in the question is "regularly": the same vulnerabilities keep reaching the scanned build, which means they are being (re)introduced upstream and only noticed afterwards. Running application security scanning (SAST, SCA, secret and dependency checks) as a stage of the CI/CD pipeline moves detection to the point where the code is written and merged, and lets the pipeline fail a build or block a merge when a finding at or above an agreed severity appears. A vulnerability class that has been fixed once is then caught the next time someone reintroduces it, before it ever reaches the release build that the analyst scans. The other options are sound practices but address a different problem: red team exercises in production (A) are periodic, expensive and happen after deployment, so they find issues late rather than prevent recurrence; checking implemented libraries (B) covers only third-party dependency vulnerabilities, not flaws in the application's own code; input validation (D) is a fix for one class of defect (injection-style bugs) and does nothing to detect other issues, or to stop the same validation gap from being omitted again in new code.
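What "scanning as a pipeline gate" looks like in practice, as an added example that is not part of the CySA+ material: a small policy script that ingests scanner output, blocks the build on findings at or above a severity threshold, and separately flags any finding whose fingerprint matches an issue that was fixed earlier, which is exactly the recurrence the question describes. The finding format, the function names and the sample scan data are all hypothetical (real tools emit SARIF or their own JSON, which would be mapped onto the same fields); the sample findings are constructed for the demo, not taken from any real scan.

```python
"""Minimal CI security gate for scanner output (hypothetical format).

Added example, not part of the original page. Field names, function
names and the sample data are assumptions; real SAST/SCA tools emit
SARIF or tool-specific JSON that you would map onto the same fields.
"""
import hashlib
import json
import sys
from dataclasses import dataclass, field

SEVERITY_RANK = {"info": 0, "low": 1, "medium": 2, "high": 3, "critical": 4}


@dataclass(frozen=True)
class Finding:
    rule_id: str
    severity: str
    path: str
    line: int
    snippet: str

    def fingerprint(self) -> str:
        # Line numbers move with every edit, so key on rule + file + code text
        # (whitespace-normalised) to recognise the same bug after a refactor.
        raw = f"{self.rule_id}|{self.path}|{' '.join(self.snippet.split())}"
        return hashlib.sha256(raw.encode()).hexdigest()[:16]


@dataclass
class GateResult:
    passed: bool = True
    blocking: list = field(default_factory=list)     # at/above the severity threshold
    regressions: list = field(default_factory=list)  # previously fixed, now back


def evaluate(findings, fail_on="high", fixed_fingerprints=frozenset()):
    """Apply the gate policy: regressions always block, others block by severity."""
    threshold = SEVERITY_RANK[fail_on]
    result = GateResult()
    for f in findings:
        if f.fingerprint() in fixed_fingerprints:
            result.regressions.append(f)
        elif SEVERITY_RANK.get(f.severity, 0) >= threshold:
            result.blocking.append(f)
    result.passed = not (result.blocking or result.regressions)
    return result


def load_findings(raw_json):
    """Parse the hypothetical scanner JSON: a list of finding objects."""
    return [Finding(**item) for item in json.loads(raw_json)]


# --- Constructed demo data (hypothetical scanner output, not a real run) ---
# Baseline of issues fixed in earlier sprints; stored alongside the pipeline.
PREVIOUSLY_FIXED = frozenset({
    Finding("xss-unescaped-template", "medium", "app/views.py", 17,
            'return f"<h1>Results for {q}</h1>"').fingerprint(),
})

# Today's scan: a new high, the old XSS back on a different line, and a low.
SAMPLE_SCAN_JSON = json.dumps([
    {"rule_id": "sqli-string-concat", "severity": "high", "path": "app/db.py",
     "line": 42, "snippet": 'cur.execute("SELECT * FROM users WHERE id = " + uid)'},
    {"rule_id": "xss-unescaped-template", "severity": "medium", "path": "app/views.py",
     "line": 21, "snippet": 'return f"<h1>Results for {q}</h1>"'},
    {"rule_id": "hardcoded-tmp-path", "severity": "low", "path": "app/export.py",
     "line": 9, "snippet": 'open("/tmp/report.csv", "w")'},
])


def main():
    result = evaluate(load_findings(SAMPLE_SCAN_JSON),
                      fail_on="high", fixed_fingerprints=PREVIOUSLY_FIXED)
    for f in result.regressions:
        print(f"REGRESSION {f.rule_id} {f.path}:{f.line} (fixed before, back again)")
    for f in result.blocking:
        print(f"BLOCK      {f.rule_id} {f.path}:{f.line} severity={f.severity}")
    print("gate:", "PASS" if result.passed else "FAIL")
    # Non-zero exit is what makes the CI stage fail and the merge stop.
    sys.exit(0 if result.passed else 1)


if __name__ == "__main__":
    main()
```

Run on the constructed scan, the gate fails for two independent reasons: the SQL injection finding is at the "high" threshold, and the template XSS matches the fingerprint of a bug that was already fixed once, even though it now sits on a different line. The low-severity finding is reported but does not block. Keeping the fixed-issue baseline in version control next to the pipeline definition is what turns a one-off fix into a permanent regression check, which is the property the red team, library review and input validation options in the question do not give you.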