nerdexam
EC-Council

312-50V10 · Question #208

What is the role of test automation in security testing?

The correct answer is D. It can accelerate benchmark tests and repeat them with a consistent test setup. But it cannot. Test automation accelerates and standardizes security benchmark tests but cannot fully replace manual testing because complex vulnerabilities require human judgment and creative reasoning.

Information Security and Ethical Hacking Fundamentals

Question

What is the role of test automation in security testing?

Options

  • AIt is an option but it tends to be very expensive.
  • BIt should be used exclusively. Manual testing is outdated because of low spend and possible test
  • CTest automation is not usable in security due to the complexity of the tests.
  • DIt can accelerate benchmark tests and repeat them with a consistent test setup. But it cannot

How the community answered

(46 responses)
  • A
    4% (2)
  • B
    13% (6)
  • C
    9% (4)
  • D
    74% (34)

Why each option

Test automation accelerates and standardizes security benchmark tests but cannot fully replace manual testing because complex vulnerabilities require human judgment and creative reasoning.

AIt is an option but it tends to be very expensive.

Test automation is generally cost-effective once configured because it eliminates repetitive manual effort at scale - the claim that it is prohibitively expensive is not accurate as a general rule.

BIt should be used exclusively. Manual testing is outdated because of low spend and possible test

Exclusive reliance on automated testing is insufficient because tools cannot detect all vulnerability classes, especially logic flaws and novel attack paths that require contextual human reasoning.

CTest automation is not usable in security due to the complexity of the tests.

Test automation is widely applicable and practical in security testing for activities like vulnerability scanning, fuzzing, and regression checks - characterizing it as unusable due to complexity is incorrect.

DIt can accelerate benchmark tests and repeat them with a consistent test setup. But it cannotCorrect

Automated security testing tools excel at executing predefined test cases rapidly and repeatably with a consistent configuration, making them well-suited for regression scanning and benchmark comparisons. However, automated tools cannot reason about application logic, novel attack chains, or context-dependent vulnerabilities the way a skilled human tester can. A mature security testing program combines automation for speed and consistency with manual techniques for depth and creative coverage.

Concept tested: Role and limitations of security test automation

Source: https://owasp.org/www-project-web-security-testing-guide/latest/3-The_OWASP_Testing_Framework/1-Penetration_Testing_Methodologies

Topics

#test automation#security testing#penetration testing methodology#benchmark testing

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice