16d • 🙋♂️ CISSP
CISSP Practice Question! DevSecOps
Which of the following BEST describes the role of Interactive Application Security Testing (IAST) in a DevSecOps pipeline, as emphasized in modern software development security practices?
A. It scans source code for vulnerabilities without executing the application, focusing on syntax and structure.
B. It analyzes running applications in a simulated environment to identify runtime vulnerabilities like injection attacks.
C. It instruments the application to combine static and dynamic analysis, providing real-time feedback on vulnerabilities during execution.
D. It examines third-party components and dependencies for known vulnerabilities and license compliance issues.
2
9 comments
CISSP Practice Question! DevSecOps
skool.com/cybersecurity-study-group
Share resources, get advice, and connect with peers studying cybersecurity. Join our CISSP study group and connect with fellow professionals today!
Leaderboard (30-day)
1
+45
2
+30
3
+30
4
+26
5
+15
Powered by