312-50V11 · Question #222
Seth is starting a penetration test from inside the network. He hasn't been given any information about the network. What type of test is he conducting?
The correct answer is A. Internal, Blackbox. A penetration test starting from inside the network with zero prior knowledge is classified as an internal blackbox test.
Question
Seth is starting a penetration test from inside the network. He hasn't been given any information about the network. What type of test is he conducting?
Options
- AInternal, Blackbox
- BExternal, Blackbox
- CExternal, Whitebox
- DInternal, Whitebox
How the community answered
(29 responses)- A93% (27)
- B3% (1)
- D3% (1)
Why each option
A penetration test starting from inside the network with zero prior knowledge is classified as an internal blackbox test.
Internal designates that the test originates from within the organization's network perimeter, simulating a malicious insider or a post-compromise internal pivot. Blackbox means the tester has been given no prior information about the environment - no network diagrams, no credentials, no system details - requiring full unaided reconnaissance. Seth's scenario matches both criteria precisely, making Internal Blackbox the correct classification.
External means the attacker starts from outside the network perimeter, which contradicts Seth's position inside the network.
External is wrong because Seth is inside the network, and Whitebox is wrong because he has received no prior information about the environment.
Whitebox requires the tester to have full knowledge such as source code, network maps, and credentials - the opposite of Seth's zero-information scenario.
Concept tested: Penetration test classification - internal/external and black/white box
Source: https://csrc.nist.gov/publications/detail/sp/800-115/final
Topics
Community Discussion
No community discussion yet for this question.