312-50V10 · Question #222
Seth is starting a penetration test from inside the network. He hasn't been given any information about the network. What type of test is he conducting?
The correct answer is A. Internal, Blackbox. A penetration test started from inside the network perimeter with no prior knowledge of the target qualifies as an internal, blackbox test.
Question
Seth is starting a penetration test from inside the network. He hasn't been given any information about the network. What type of test is he conducting?
Options
- AInternal, Blackbox
- BExternal, Blackbox
- CExternal, Whitebox
- DInternal, Whitebox
How the community answered
(27 responses)- A89% (24)
- B7% (2)
- C4% (1)
Why each option
A penetration test started from inside the network perimeter with no prior knowledge of the target qualifies as an internal, blackbox test.
Internal describes Seth's starting position - he is already inside the network perimeter, simulating a malicious insider or a post-breach lateral movement scenario. Blackbox means the tester has been given zero prior knowledge about the environment, so Seth must enumerate the network topology, hosts, and services entirely on his own without any assistance from the organization.
External would mean Seth is starting from outside the network perimeter, which directly contradicts the scenario stating he is inside the network.
External is wrong because Seth is inside the network, and Whitebox is wrong because he has no pre-shared information about the environment.
While Internal correctly describes Seth's position, Whitebox is incorrect because a Whitebox test provides full network diagrams, credentials, and architecture details - Seth has received none of that information.
Concept tested: Penetration test classification - internal vs external and blackbox vs whitebox
Source: https://csrc.nist.gov/publications/detail/sp/800-115/final
Topics
Community Discussion
No community discussion yet for this question.