Which of the following test methods has the objective to test the IT system…?

seenagapeJuly 6, 2016

Which of the following test methods has the objective to test the IT system from the viewpoint of a
threat-source and to identify potential failures in the IT system protection schemes?

PrepAway - Latest Free Exam Questions & Answers

A.
Penetration testing

B.
On-site interviews

C.
Security Test and Evaluation (ST&E)

D.
Automated vulnerability scanning tool

Explanation:
The goal of penetration testing is to examine the IT system from the perspective of a threat-source,
and to identify potential failures in the IT system protection schemes. Penetration testing, when
performed in the risk assessment process, is used to assess an IT system’s capability to survive with
the intended attempts to thwart system security.
Answer option C is incorrect. The objective of ST&E is to ensure that the applied controls meet the
approved security specification for the software and hardware and implement the organization’s
security policy or meet industry standards.

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

ISC Exam Questions

Free ISC2 Study Guide

Which of the following test methods has the objective to test the IT system…?

Leave a Reply Cancel reply