Which of the following are responsibilities for the review leader?
- Managing review meetings
- Issuing review reports
- Preparing checklists
What is true about FindBugs?
- It performs a static analysis
- It can be used to find * infinite recursive loops in code
- It is a bug-finding tool for Java
- It can check if an array index is out of bounds
Which of the following are the benefits of using static program analysis?
- It can be performed early in the development process
- It can find bugs and security vulnerabilities that may not be evident when the program is executed
Which of the following are the limitations of static program analysis?
- It can be time-consuming to perform
- It can only find issues that are present in the code being analyzed
Which of the following are best practices for using static program analysis effectively?
- Run the analysis regularly, such as before every commit or deployment
- Use static analysis in conjunction with testing to achieve maximum coverage
Which of the following are types of static analysis tools?
- Compilers
- Style checkers
How does static analysis differ from dynamic analysis?
- Static analysis is faster and less resource-intensive, while dynamic analysis is slower and more resource-intensive
- Static analysis focuses on the code, while dynamic analysis focuses on the program’s runtime behavior
What is the primary objective of static analysis in software engineering?
- To analyze software artifacts without execution
What does the cyclomatic complexity metric measure in static analysis?
Independent paths through a program
What type of review is a ‘code walkthrough’?
Peer-led and question-based
During a code inspection, what is primarily examined?
Code against development standards
What is the main role of a compiler in static analysis?
To detect syntax violations
What is the primary difference between inspections and walkthroughs in static analysis?
Inspections are formal, walkthroughs are informal
Which one of these is not typically part of a code review checklist?
User interface design
Which of the following is a characteristic of a good code review process?
Focus on discovering errors
A ‘du-anomaly’ in static analysis highlights:
Unused variables after definition
‘Dead code’ in static analysis refers to:
Code that is not executed in any scenario
Which aspect is least likely to be detected by static analysis?
Performance issues
What is the purpose of a requirements review in static analysis?
To detect errors and ensure conformity with specifications
Which of these is an example of a coding standard?
Naming conventions for variables
