Exam PT0-002 topic 1 question 116 discussion

Actual exam question from CompTIA's PT0-002
Question #: 116
Topic #: 1

Which of the following tools would be BEST suited to perform a manual web application security assessment? (Choose two.)

  • A. OWASP ZAP
  • B. Nmap
  • C. Nessus
  • D. BeEF
  • E. Hydra
  • F. Burp Suite
Suggested Answer: AF

Comments

Neolot
Highly Voted 1 year, 7 months ago
Selected Answer: AF
AF is correct
upvoted 7 times
...
solutionz
Most Recent 9 months ago
Selected Answer: AF
The two tools that would be BEST suited to perform a manual web application security assessment are:
A. OWASP ZAP (Zed Attack Proxy): OWASP ZAP is specifically designed for web application security testing and is a widely used open-source tool for finding vulnerabilities in web applications. It offers various features such as intercepting and modifying HTTP requests, automated scanners, and active/passive security testing.
F. Burp Suite: Burp Suite is a popular web vulnerability scanner and security testing tool that is widely used in the industry. It provides a comprehensive set of tools for web application security testing, including proxy, spider, scanner, intruder, and repeater, among others.
While the other tools listed (Nmap, Nessus, BeEF, and Hydra) have their uses in security assessments, they are more focused on network scanning and penetration testing rather than web application security assessments, which makes OWASP ZAP and Burp Suite better choices for this specific task.
upvoted 4 times
...
mouettespaghetti
9 months, 3 weeks ago
OWASP is automated... I go with Nmap and Burp
upvoted 1 times
...
xviruz2kx
1 year, 1 month ago
Selected Answer: AF
A. OWASP ZAP
F. Burp Suite
Explanation: OWASP ZAP and Burp Suite are both web application security assessment tools. OWASP ZAP is an open-source web application security scanner and Burp Suite is a commercial product that provides a suite of web application security testing tools, including a proxy, scanner, and other features. Nmap and Nessus are network scanners, BeEF is a browser exploitation framework, and Hydra is a password cracking tool.
upvoted 1 times
...
[Removed]
1 year, 2 months ago
A and F is the answer
upvoted 2 times
...
[Removed]
1 year, 3 months ago
Selected Answer: BF
Only Nmap and Burp Suite are manual approaches.
upvoted 1 times
RRabbit_111
1 year, 3 months ago
While Nmap (Network Mapper) is a useful tool for network discovery and security auditing, it is not specifically designed for web application security assessments. Nmap is primarily used for network mapping, port scanning, and identifying open ports and services on a network. On the other hand, tools like OWASP ZAP and Burp Suite are specifically designed for web application security assessments and include features such as vulnerability scanning, web spidering, and intercepting and modifying HTTP requests.
upvoted 5 times
...
...