A software development company lost customers recently because of a large number of software issues. These issues were related to integrity and availability defects, including buffer overflows, pointer dereferences, and others. Which of the following should the company implement to improve code quality? (Select two).
A. Development environment access controls
B. Continuous integration
C. Code comments and documentation
D. Static analysis tools
E. Application containerization
F. Code obfuscation
How to PASS CAS-004 in First Attempt?FULL Printable PDF and Software. VALID exam to help you PASS. |
 |
D is for sure one of the answers. No other answer here better enables the correction of pointer dereferences. Leaning towards B as the other answer.
With F, it feels like that accomplishes confidentiality, not necessarily code quality (code could still suck but non-authorized people wouldn’t know it)
With B, CI prevents code sprawl and automatically fixes coding errors within its structure at least once a day and up to multiple times per day depending on how many integrations occur on said day.
Info for B I got from McGraw Hill’s CASP+ book and the CompTIA CASP+ Study Guide 3rd Ed.
Would like to hear someone else’s take but I’m convinced its BD
F lol