Several vulnerability scan reports have indicated runtime errors as the code is executing. The dashboard that lists the errors has a command-line interface for developers to check for vulnerabilities. Which of the following will enable a developer to correct this issue? (Choose two.)
To correct runtime errors observed during code execution, a developer must review the code to understand its structure and logic, allowing them to identify where the errors might be occurring. Additionally, debugging the code is essential as it enables the developer to run the code in a controlled environment, step through the execution process, inspect variables, and pinpoint the exact lines or conditions causing the runtime errors. Combined, these methods help in identifying and fixing runtime issues effectively.
DAST tools typically do not assist in identifying and resolving runtime errors within the code. Instead, they focus on testing the application's behavior from the outside, by interacting with its interfaces and observing how it responds to various inputs.
The answer is clearly B and D, based on the question "runtime errors"
The issue is to correct the "runtime errors" in order to enable the developers to correct the issue they have to Review and Debug the code.
i go with BD.. dynamic application security testing is a valnerability test method to identify valnerabilities..Dynamic application security testing (DAST) is the process of using simulated attacks on a web application to identify vulnerabilities. By attacking an application the same way a malicious user would, this strategy assesses the program through an approach sometimes referred to as “outside in.” After executing the attacks, a DAST scanner studies the results to look for undesired outcomes. This data is then used to identify security flaws. In the question the code errors are seen already...
A. Performing dynamic application security testing (DAST) - This approach involves testing an application while it is running to find vulnerabilities that an attacker could exploit. It's specifically designed to find conditions that are indicative of a security issue, such as runtime errors, which could potentially be leveraged for malicious purposes. D. Debugging the code - Debugging involves running the code in a controlled environment, often with the use of a debugger tool that allows the developer to step through the code execution, inspect variables, and understand the state of the application at each point. This can help identify and correct the causes of runtime errors.
The errors are occurring as the code in running, therefore the best techniques to fix them involve looking at the code as its running. Debugging and dynamic analysis tools are the way to do that.
If dynamic testing is not done how can we see errors and fox the code? that is why we need to chose A. We also chose D because we need to debug the code to study the code.