What is an advantage of using dynamic application security testing (DAST) over static application security testing (SAST) methodology?
A . DAST is slower but thorough.
B . Unlike SAST, DAST is a black box and programming language agnostic.
C . DAST can dynamically integrate with most continuous integration and continuous delivery (CI/CD) tools.
D . DAST delivers more false positives than SAST
Answer: B
Explanation:
Dynamic application security testing (DAST) is a method of testing the security of an application by simulating attacks from an external source. DAST does not require access to the source code or binaries of the application, unlike static application security testing (SAST), which analyzes the code for vulnerabilities. Therefore, DAST is a black box testing technique, meaning that it does not need any knowledge of the internal structure, design, or implementation of the application. DAST is also programming language agnostic, meaning that it can test applications written in any language, framework, or platform. This makes DAST more flexible and adaptable to different types of applications and environments. However, DAST also has some limitations, such as being slower, less accurate, and more dependent on the availability and configuration of the application.
Reference: SAST vs. DAST: What’s the Difference?
SAST vs DAST: What’s the Difference?
SAST vs. DAST: Enhancing application security
Latest CCAK Dumps Valid Version with 76 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund