CompTIA CASP+ (CAS-004) — Question 605

Before launching a new web application, an organization would like to perform security testing. Which of the following resources should the organization use to determine the objectives for the test?

Answer options

• A. CASB
• B. SOAR
• C. OWASP
• D. ISAC

Correct answer: C

Explanation

OWASP provides guidelines and best practices for web application security testing, making it the most suitable resource for defining testing objectives. The other options, while relevant in their contexts, do not specifically focus on the goals and methodologies for security testing of web applications.