nerdexam
EC-Council

312-50V11 · Question #208

What is the role of test automation in security testing?

The correct answer is D. It can accelerate benchmark tests and repeat them with a consistent test setup. But it cannot. Test automation accelerates repeatable security benchmark tests but cannot fully replace manual testing for exploratory or creative security analysis.

Information Security and Ethical Hacking Fundamentals

Question

What is the role of test automation in security testing?

Options

  • AIt is an option but it tends to be very expensive.
  • BIt should be used exclusively. Manual testing is outdated because of low spend and possible test
  • CTest automation is not usable in security due to the complexity of the tests.
  • DIt can accelerate benchmark tests and repeat them with a consistent test setup. But it cannot

How the community answered

(47 responses)
  • A
    2% (1)
  • C
    4% (2)
  • D
    94% (44)

Why each option

Test automation accelerates repeatable security benchmark tests but cannot fully replace manual testing for exploratory or creative security analysis.

AIt is an option but it tends to be very expensive.

While tooling costs exist, automation typically reduces long-term cost and time for repeatable tests, making cost alone an inaccurate and misleading characterization.

BIt should be used exclusively. Manual testing is outdated because of low spend and possible test

Manual security testing remains essential for exploratory testing, threat modeling, and uncovering logic flaws that automated scanners are incapable of detecting.

CTest automation is not usable in security due to the complexity of the tests.

Test automation is widely and successfully used in security testing for vulnerability scanning, DAST, and compliance checks, and is not precluded by test complexity.

DIt can accelerate benchmark tests and repeat them with a consistent test setup. But it cannotCorrect

Automated security testing tools excel at executing consistent, repeatable scans and benchmark tests at speed, eliminating human variability in routine checks. However, automated tools cannot replicate the creative reasoning required for tasks such as threat modeling, logic flaw discovery, or complex multi-step attack simulation, which require human judgment. A mature security testing program combines both automation and manual techniques.

Concept tested: Role and limitations of automated security testing

Source: https://owasp.org/www-project-web-security-testing-guide/latest/

Topics

#test automation#security testing methodology#benchmark testing#manual vs automated

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice