Computer Science Basic Computer / Software Security Question #23863
MCQ Single Best Answer Difficult

QWhich of the following is one of the limitations of static analysis?

ID: #23863 Computer / Software Security 2,974 views
Question Info
#23863Q ID
DifficultDifficulty
Computer / Software SecurityTopic
Start Quiz on This Topic
 Your Answer

Choose the Best Option

Click any option to instantly check if you're correct.

  • A Tests can be conducted without running programs
  • B The code being tested doesn't have to be fully functional
  • C Design flaws are also detectable
  • D Predefined signatures are necessary to detect a bug
Correct Answer: Option D

Explanation

One of the limitations of static analysis is that predefined signatures are often necessary to detect specific bugs. Static analysis tools analyze the source code without executing it, but they rely on known patterns or signatures to identify issues such as security vulnerabilities or bugs. While this approach can detect many problems, it can also miss new or unknown vulnerabilities that do not fit predefined signatures. Static analysis is great for identifying certain types of errors in the code, but it is limited by the rules and patterns it can recognize. Other limitations include difficulty in detecting issues related to runtime behavior, such as memory management errors or concurrency problems.

 Continue Practice
Previous Question Next Question
 Share

Share This Question

Challenge a friend or share with your study group.

 More from This Topic

Related MCQ Questions

Which of the following is crucial in complying with GDPR article 35? Which of the following is the most comprehensive software security term? Which of the following addresses a threat to software security? When implementing access control, which step should be taken first? Why is proper design important instead of coding with it? Which of the following is an example of an architectural pattern? Which of the following is a solution to detailed design-level software security threats? Question: Which of the following is an example of open-source dynamic analysis tools? Which of the following is the least likely consequence of a buffer overflow attack? Which of the following testing types does not require access to source code?