Which one of the following is the PRIMARY objective of penetration testing?
A.
Assessment
B.
Correction
C.
Detection
D.
Protection
Explanation:
Its goal is to measure an organization’s resistance to an attack and to uncover any weakness
within the environment…The result of a penetration test is a report given to management
describing the list of vulnerabilities that were identified and the severity of those vulnerabilities. -Shon Harris All-in-one CISSP Certification Guide pg 837-839
Not A: Assessment would imply management deciding whether they can live with a given
vulnerability.