Which application security testing method is considered most costly?SASTDASTboth a and bNone of the above
Question
Which application security testing method is considered most costly?SASTDASTboth a and bNone of the above
Solution
The most costly application security testing method can vary depending on the specific circumstances, such as the complexity of the application, the expertise of the testing team, and the tools used. However, generally speaking, Static Application Security Testing (SAST) can be considered more costly because it involves a thorough examination of the source code, which can be time-consuming and require highly skilled personnel. On the other hand, Dynamic Application Security Testing (DAST) involves testing the application in its running state, which can be less costly as it doesn't require access to the source code. So, if we have to choose between SAST, DAST, both, or none of the above, the answer would be SAST.
Similar Questions
Which application security testing technique inspects the source code without executing the program?1 pointDynamic application security testing (DAST) toolStatic application security testing (SAST) toolInteractive application security testing (IAST) toolOpenVAS
Which best describes a security test? Regression TestUnit TestPenetration TestAcceptance Test
application security metrics and its measurement
SAST scans provides you the list ofA) Exploitable vulnerabilitiesB) Code quality assuranceC) Both A and BD) Potential code security flawsReset Answer
Which one of the following is NOT a step of the risk-based testing process for secure software?Question 16Answera.Audit of software and documentationb.Software analysisc.Documentation of asset awarenessd.Identification of assets and objectivesClear my choiceQuestion 17Not yet answeredPoints out of 1.00Flag questionTipsQuestion textIn the course of selecting an effective programming language, languages that are ________ should not be used by software when security is a necessity.Question 17Answera.At risk of buffer overflowsb.Below the application levelc.Compromised by SQl injectiond.Above the physical levelClear my choiceQuestion 18Not yet answeredPoints out of 1.00Flag questionTipsQuestion textWhen designing security architecture for software development, creators should do which of the following?Question 18Answera.Rely primarily on obfuscation for security concerns.b.Do not worry about separating functions needing higher privilege from othersc.Decide how much security is enough.d.Do not be too concerned about reducing the damage from hacking activitiesClear my choiceQuestion 19Not yet answeredPoints out of 1.00Flag questionTipsQuestion textAn important goal to meet when designing efficient, secure software is to __________.Question 19Answera.Create the design understanding that the specifications will be expanded until the project is deployedb.Allow for additional functions to remain in the software so they may be used laterc.Determine the amount of time it will take to complete the designd.Create the design with an understanding that the initial security measures may fail due to new attacks or vulnerabilitiesClear my choiceQuestion 20Not yet answeredPoints out of 1.00Flag questionTipsQuestion textRegarding secure software development, ___________ states that the impact (or damage) that can occur after a vulnerability is exploited should be minimized.Question 20Answera.Damage confinementb.Impact vulnerability policyc.Impact survivabilityd.Damage consumption
Upgrade your grade with Knowee
Get personalized homework help. Review tough concepts in more detail, or go deeper into your topic by exploring other relevant questions.