SANS SEC504: Hacker Tools, Techniques and Incident Handling — Question 26

Which of the following tools can be used as penetration tools in the Information system auditing process? Each correct answer represents a complete solution.
Choose two.

Answer options

• A. Nmap
• B. Snort
• C. SARA
• D. Nessus

Correct answer: C, D

Explanation

SARA and Nessus are both tools specifically designed for penetration testing and vulnerability assessment within the auditing process. Nmap is primarily a network scanning tool, while Snort is an intrusion detection system, making them less suitable for the specific task of penetration testing.