CSSLP · Question #217
CSSLP Question #217: Real Exam Question with Answer & Explanation
The correct answer is A: Open-box. Penetration tests are categorized based on the level of information provided to the testers, which includes open-box (white-box), closed-box (black-box), and partial-knowledge (grey-box) testing.
Question
Penetration tests are sometimes called white hat attacks because in a pen test, the good guys are attempting to break in. What are the different categories of penetration testing? Each correct answer represents a complete solution. Choose all that apply.
Options
- AOpen-box
- BClosed-box
- CZero-knowledge test
- DFull-box
- EFull-knowledge test
- FPartial-knowledge test
Explanation
Penetration tests are categorized based on the level of information provided to the testers, which includes open-box (white-box), closed-box (black-box), and partial-knowledge (grey-box) testing.
Common mistakes.
- D. Full-box is not a standard, recognized category or synonym for penetration testing types based on knowledge level.
Concept tested. Types of penetration testing based on knowledge
Reference. https://learn.microsoft.com/en-us/azure/security/fundamentals/pen-testing
Topics
Community Discussion
No community discussion yet for this question.