PT0-003
Vulnerability Discovery and Analysis
medium
Question 3 of 17

A penetration tester is performing DAST (Dynamic Application Security Testing) on a web application. Which characteristic distinguishes DAST from SAST (Static Application Security Testing)?

ADAST requires access to the application source code
BDAST tests the running application by sending inputs and analyzing responses
CDAST is performed before the application is deployed
DDAST checks code syntax and logic without executing it

More Vulnerability Discovery and Analysis Questions

17 questions

Full CompTIA PenTest+ Practice Test

All topics covered

All CompTIA PenTest+ Questions

Browse by topic

Related Questions

Which vulnerability scanning tool is commonly associated with credentialed (authenticated) scanning ...

easy

A penetration tester performs an unauthenticated vulnerability scan and receives a result flagging a...

medium

A penetration tester reviews a Nessus scan report and notices that a Windows server is flagged for M...

hard

A penetration tester is using Nikto to scan a web server. What category of vulnerabilities is Nikto ...

medium

A penetration tester performs a credentialed Nessus scan of a Linux server and receives a critical f...

hard
View all Vulnerability Discovery and Analysis questions

Educational Content — CertQnA practice questions are written against official exam objectives, covering the same domains tested on the real exam. All content is original and independent — not actual exam questions, not affiliated with any certification vendor. Learn more about our content policy

Discussion

Be the first to share your understanding of this concept

⚠️ Discussion is for concept clarification only. Do not share or request actual exam questions or answers.

Sign in to join the discussion

Sign InCreate free account