Open box testing, in the Flaw Hypothesis Methodology of Penetration Testing applies to the
analysis of
A.
Routers and firewalls
B.
Host-based IDS systems
C.
Network-based IDS systems
D.
General purpose operating systems
Explanation:
Flaw Hypothesis Methodology – A system analysis and penetration technique where specifications
and documentation for the system are analyzed and then flaws in the system are hypothesized.
The list of hypothesized flaws is then prioritized on the basis of the estimated probability that a
flaw actually exists and, assuming a flaw does exist, on the ease of exploiting it and on the extent
of control or compromise it would provide. The prioritized list is used to direct the actual testing of
the system. http://www.kernel.org/pub/linux/libs/security/Orange-Linux/refs/Orange/Orange0-5.html