Which one of the following is the PRIMARY objective of penetration testing?
A.
Assessment
B.
Correction
C.
Detection
D.
Protection
Explanation:
Its goal is to measure an organization’s resistance to an attack and to uncover any weakness within
the environment…The result of a penetration test is a report given to management describing the
list of vulnerabilities that were identified and the severity of those vulnerabilities. – Shon Harris Allin-one CISSP Certification Guide pg 837-839
Not A: Assessment would imply management deciding whether they can live with a given
vulnerability.