Free CompTIA PenTest+ PT0-002 Practice Question

Your penetration testing firm has been contracted to conduct a security assessment of a web application. The client has specified the use of recognized industry standards. As part of your scoping document, you decide to incorporate the OWASP Top 10 to structure the testing methodology. Which of the following best describes the relevance of including the OWASP Top 10 in your scoping document?

  • It helps prioritize the focus of the penetration test on common web application vulnerabilities recognized as significant industry-wide.

  • It sets the legal framework for conducting penetration tests, ensuring compliance with international laws and regulations.

  • It mandates a mandatory checklist that the client must resolve before a penetration test can be considered valid.

  • It provides a complete list of all possible vulnerabilities in any given web application, ensuring a penetration test will cover every known vulnerability.

This question's topic: CompTIA PenTest+ PT0-002 / Planning and Scoping