Your organization has a web application that processes sensitive customer data. As part of a routine vulnerability assessment, you decide to use ZAP to scan the application. What type of scan should you perform first to ensure you have a comprehensive understanding of the application's security posture without requiring authentication credentials?
Utilize a Forced Browse scan to uncover resources that were not found during the normal crawling process.
Conduct an Active scan immediately to identify vulnerabilities in real-time interactions.
Perform a Spider scan to map out the publicly accessible areas of the application.
|Incident Response and Management
|Reporting and Communication