CERTIFIED-IN-CYBERSECURITY · Question #143
CERTIFIED-IN-CYBERSECURITY Question #143: Real Exam Question with Answer & Explanation
The correct answer is D: Web application vulnerability scanner. Intrusion detection systems are designed to detect attacks, not vulnerabilities. The remaining three tools could all possibly discover cross-site scripting (XSS) vulnerabilities. However, a web application vulnerability scanner is the one that's most likely to detect it, since it
Question
Which one of these tools is MOST likely to detect an XSS vulnerability?
Options
- AStatic application test
- BNetwork vulnerability scanner
- CIntrusion detection system
- DWeb application vulnerability scanner
Explanation
Intrusion detection systems are designed to detect attacks, not vulnerabilities. The remaining three tools could all possibly discover cross-site scripting (XSS) vulnerabilities. However, a web application vulnerability scanner is the one that's most likely to detect it, since it is specifically designed to test web applications (see ISC2 Study Guide, chapter 4, module 3).
Topics
Community Discussion
No community discussion yet for this question.