CEH v9 Question of the Week: Web Application Penetration Testing

The correct answer is B.

The Open Web Application Security Project (OWASP) is a worldwide free and open community focused on improving the security of application software.

OSSTMM v3.0 is a methodology to test the operational security of physical locations, human interactions, and all forms of communications such as wireless, wired, analog, and digital.

NIST SP 800-115 is a guide to the basic technical aspects of conducting information security assessments. It presents technical testing and examination methods and techniques that an organization might use as part of an assessment, and offers insights to assessors on their execution and the potential impact they may have on systems and networks.