Which one of the following is the PRIMARY objective of penetration testing?
A.
Assessment
B.
Correction
C.
Detection
D.
Protection
Explanation:
Its goal is to measure an organization’s resistance to an attack and to uncover any weakness
within the environment…The result of a penetration test is a report given to management
describing the list of vulnerabilities that were identified and the severity of those vulnerabilities. -Shon Harris All-in-one CISSP Certification Guide pg 837-839
Not A: Assessment would imply management deciding whether they can live with a given
vulnerability.
Ms Harris says: “Its goal is to measure…”. Detection is not as close to ‘measure’ as Assessment is..
0
0
“Assessment” is the same as “Measurement” so it can’t be “Detection. The correct answer should be A
0
0
Detect – discover or identify the presence or existence of.
I think the question is based in such a way that,
1. Vulnerabilities discovered (detect)
2. Assess what’s discovered.
0
0