SY0-301 · Question #590
SY0-301 Question #590: Real Exam Question with Answer & Explanation
The correct answer is B: Penetration test.
Question
Options
- A. Port scanning
- B. Penetration test
- C. Vulnerability scanning
- D. Grey/Gray box
Explanation
A penetration test (Option B) is an authorized, simulated attack on a system where a tester actively attempts to exploit vulnerabilities to evaluate the effectiveness of security controls. It is 'active' testing - the tester takes action to breach defenses, just as a real attacker would. Option A (Port scanning) is a passive reconnaissance technique that discovers open ports but does not test whether controls can be bypassed. Option C (Vulnerability scanning) automatically identifies known vulnerabilities but does not attempt to exploit them - it reports potential weaknesses without confirming exploitability. Option D (Grey/Gray box) describes a testing methodology (partial knowledge of the system), not a testing type in itself. Penetration testing is the gold standard for actively validating that security controls work as intended.