GIAC Certified Incident Handler (GCIH) — Question 181
Which of the following tools can be used as penetration tools in the Information system auditing process?
Each correct answer represents a complete solution. (Choose two.)
Answer options
- A. Nmap
- B. Snort
- C. SARA
- D. Nessus
Correct answer: C, D
Explanation
SARA and Nessus are both tools designed specifically for vulnerability assessment and penetration testing, making them suitable for the auditing process. Nmap is primarily a network scanning tool, and Snort is used for intrusion detection, which does not directly fit the criteria for penetration tools.