A software for a networking device is written using C programming language. There is a requirement in the software to get input from the programmers had used the gets$()$ method for getting the input from the user and this lead to a very serious vulnerability known as buffer

Note: gets$()$ is already listed as a vulnerable$/$bad coding practice in the CERT Coding Guidelines and has recommended developers to use I fgets$()$ instead of gets$().$

Which of the following Secure SDLC practices could have helped in preventing and$/$or detecting such issues? $($Choose TWO most appropri$)$

Deprecate unsafe functions

Source code scanning using Static Application Security Testing $($SAST$)$ tools

User risk assessment

Establish a disposal$/$transition plan