Free CompTIA CySA+ CS0-003 Practice Question

Your organization has a web application that processes sensitive customer data. As part of a routine vulnerability assessment, you decide to use ZAP to scan the application. What type of scan should you perform first to ensure you have a comprehensive understanding of the application's security posture without requiring authentication credentials?

  • Perform a Spider scan to map out the publicly accessible areas of the application.

  • Utilize a Forced Browse scan to uncover resources that were not found during the normal crawling process.

  • Conduct an Active scan immediately to identify vulnerabilities in real-time interactions.

  • Initiate an AJAX Spider scan specifically focused on the JavaScript elements of the application.

This question's topic: CompTIA CySA+ CS0-003 / Vulnerability Management