CompTIA PenTest+ (PT0-002) — Question 2
Which of the following tools would be BEST suited to perform a manual web application security assessment? (Choose two.)
Answer options
- A. OWASP ZAP
- B. Nmap
- C. Nessus
- D. BeEF
- E. Hydra
- F. Burp Suite
Correct answer: A, F
Explanation
OWASP ZAP and Burp Suite are specifically designed for web application security assessments, offering features for manual testing and vulnerability scanning. Nmap, Nessus, BeEF, and Hydra serve different purposes, such as network scanning or brute force attacks, making them less suitable for focused web application security evaluations.