CompTIA CASP+ (CAS-004) — Question 152

A security researcher has been given an executable that was captured by a honeypot. Which of the following should the security researcher implement to test the executable?

Answer options

Correct answer: C

Explanation

DAST (Dynamic Application Security Testing) is appropriate because it tests the executable in a runtime environment and identifies vulnerabilities during execution. OSINT (Open Source Intelligence) and SAST (Static Application Security Testing) address different needs, gathering information and analyzing source code respectively, and neither is effective for runtime testing. OWASP is a framework that provides guidelines but does not directly relate to testing an executable.