Question

A security analyst has been tasked with ensuring all programs that are deployed into the enterprise have been assessed in a runtime environment. Any critical issues found in the program must be sent back to the developer for verification and remediation. Which of the following BEST describes the type of assessment taking place?

1) Input validation
2) Dynamic code analysis
3) Fuzzing
4) Manual code review

Answer 1

The type of assessment taking place is dynamic code analysis.

Step-by-step explanation:

The type of assessment taking place in this scenario is Dynamic code analysis. Dynamic code analysis, also known as runtime analysis, involves evaluating the behavior of a program while it is running to identify any issues or vulnerabilities. In this case, the security analyst is assessing programs in a runtime environment to identify critical issues that need to be addressed by the developer.