Certified Cloud Security Professional (CCSP) — Question 238

What does static application security testing (SAST) offer as a tool to the testers?

Answer options

• A. Production system scanning
• B. Injection attempts
• C. Source code access
• D. Live testing

Correct answer: C

Explanation

The correct answer is C, as SAST tools analyze source code to identify vulnerabilities before deployment. Options A and D refer to dynamic testing methods, while B involves testing techniques that are not specific to static analysis.