CompTIA PenTest+ (PT0-001) — Question 194

A software developer wants to test the code of an application for vulnerabilities. Which of the following processes should the software developer perform?

Answer options

• A. Vulnerability scan
• B. Dynamic scan
• C. Static scan
• D. Compliance scan

Correct answer: A

Explanation

The correct answer is A, as a vulnerability scan is specifically designed to identify security weaknesses in software code. Options B and C refer to scans that focus on runtime and source code analysis, respectively, while D pertains to verifying adherence to regulatory standards rather than identifying vulnerabilities.