SOFTWARE PROJECT MANAGEMENT
QUALITY MANAGEMENT
Question
[CLICK ON ANY CHOICE TO KNOW THE RIGHT ANSWER]
|
|
Static analysis only catches a small number of quality analysis problems
|
|
Static analysis tests the implementation of subsystems
|
|
Dynamic analysis catches code duplications
|
|
None of the above
|
Detailed explanation-1: -Mathematically, the difference between static and dynamic analysis is that in a static analysis, only the stiffness matrix of the FEA model is solved. In a dynamic analysis, in addition to the stiffness matrix, the mass matrix (and damping matrix, if not zero) is solved as well.
Detailed explanation-2: -For example, static code analysis is a form of white-box testing that can help identify security issues in source code. On the other hand, dynamic code analysis is a form of black-box vulnerability scanning that allows software teams to scan running applications and identify vulnerabilities.
Detailed explanation-3: -A static code analysis tool will often produce false positive results where the tool reports a possible vulnerability that in fact is not. This often occurs because the tool cannot be sure of the integrity and security of data as it flows through the application from input to output.