CISSP · Question #416
Which of the following security testing strategies is BEST suited for companies with low to moderate security maturity?
The correct answer is C. Black-box testing. Black-box testing is a security testing strategy that simulates an external attack on a system or application, without any prior knowledge of its internal structure, design, or implementation. Black- box testing is best suited for companies with low to moderate security maturity,
Question
Which of the following security testing strategies is BEST suited for companies with low to moderate security maturity?
Options
- ALoad Testing
- BWhite-box testing
- CBlack-box testing
- DPerformance testing
How the community answered
(52 responses)- A4% (2)
- B15% (8)
- C73% (38)
- D8% (4)
Explanation
Black-box testing is a security testing strategy that simulates an external attack on a system or application, without any prior knowledge of its internal structure, design, or implementation. Black- box testing is best suited for companies with low to moderate security maturity, as it can reveal the most obvious and common vulnerabilities, such as misconfigurations, default credentials, or unpatched software. Black-box testing can also provide a realistic assessment of the system's security posture from an attacker's perspective.
Topics
Community Discussion
No community discussion yet for this question.