Home › Software Testing › Software Testing › advanced_security_performance › Dynamic Application Security Testing (DAST) tests
Dynamic Application Security Testing (DAST) tests
AContainer images for known CVEs only
BA running application from the outside
CSource code without any execution at all
DCompiled bytecode for static patterns
Answer & Solution
Correct answer: B. A running application from the outside
DAST scans the running application as a black box, sending malicious payloads and observing responses. Tools: OWASP ZAP, Burp Suite, Acunetix. Complements SAST and SCA in the security toolbox.
Related questions
Test coverage is BEST described asContinuous Testing in DevOps meansIn the V model of SDLC, system testing corresponds to'Test data' management addressesIn ISTQB terminology, a 'test oracle' isAcceptance Test Driven Development (ATDD) emphasisesTest Driven Development uses the rhythm ofRecovery testing simulates