Certified Cloud Security Professional (CCSP) — Question 304
What does dynamic application security testing (DAST) NOT entail?
Answer options
- A. Scanning
- B. Probing
- C. Discovery
- D. Knowledge of the system
Correct answer: D
Explanation
The correct answer is D because dynamic application security testing (DAST) focuses on scanning, probing, and discovering vulnerabilities without requiring in-depth knowledge of the system's internal workings. Options A, B, and C are all integral parts of the DAST process, as they involve analyzing the application in its running state to identify security issues.