CompTIA CySA+ (CS0-003) — Question 312

An organization has implemented code into a production environment. During a routine test, a penetration tester found that some of the code had a backdoor implemented, causing a developer to make changes outside of the change management windows. Which of the following is the best way to prevent this issue?

Answer options

Correct answer: D

Explanation

The correct answer, D (Source code review), is essential for identifying vulnerabilities like backdoors before code is deployed. While SDLC training (A), dynamic analysis (B), and debugging (C) are useful practices, they do not directly address the need for thorough examination of the code to catch such security issues.