CompTIA PenTest+ PT0-002 – Question141

A Chief Information Security Officer wants to evaluate the security of the company's e-commerce application.
Which of the following tools should a penetration tester use FIRST to obtain relevant information from the application without triggering alarms?

A.
SQLmap
B. DirBuster
C. w3af
D. OWASP ZAP

Correct Answer: D