When comparing the testing methodologies of Open Web Application Security Project (OWASP) and Open Source Security Testing Methodology Manual (OSSTMM) the main difference is
A.
OWASP is for web applications and OSSTMM does not include web applications.
B.
OSSTMM is gray box testing and OWASP is black box testing.
what about A since OSSTMM is for network security? EC-Council states that "The updated guide of OWASP provides over 66 controls to identify and assess vulnerabilities with numerous functionalities found in the latest applications today." (reference: https://blog.eccouncil.org/5-penetration-testing-methodologies-and-standards-for-better-roi/) so OWASP does include controls!
This section is not available anymore. Please use the main Exam Page.312-50 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
melante
3 years, 8 months agoScript_Kitty
11 months, 1 week ago