CISSP · Question #327
CISSP Question #327: Real Exam Question with Answer & Explanation
The correct answer is A: Penetration. Penetration testing is a type of test that an organization performs in order to locate and target exploitable defects in its information systems and networks. Penetration testing simulates a real- world attack scenario, where a tester, also known as a penetration tester or ethica
Question
Which type of test would an organization perform in order to locate and target exploitable defects?
Options
- APenetration
- BSystem
- CPerformance
- DVulnerability
Explanation
Penetration testing is a type of test that an organization performs in order to locate and target exploitable defects in its information systems and networks. Penetration testing simulates a real- world attack scenario, where a tester, also known as a penetration tester or ethical hacker, tries to find and exploit the vulnerabilities in the system or network, using the same tools and techniques as a malicious attacker. The goal of penetration testing is to identify the weaknesses and gaps in the security posture of the organization, and to provide recommendations and solutions to mitigate or eliminate them. Penetration testing can help the organization improve its security awareness, compliance, and resilience, and prevent potential breaches or incidents.
Topics
Community Discussion
No community discussion yet for this question.