Which of the following types of testing is this an exam…
A quality assurance analyst is reviewing a new software product for security, and has complete access to the
code and data structures used by the developers.
Which of the following types of testing is this an example of?
what the security company might do during a black box test?
Matt, the Chief Information Security Officer (CISO), tells the network administrator that a security company has
been hired to perform a penetration test against his network. The security company asks Matt which type of
testing would be most beneficial for him. Which of the following BEST describes what the security company
might do during a black box test?
Which of the following types of testing is this an exam…
The security consultant is assigned to test a client’s new software for security, after logs show targeted attacks
from the Internet. To determine the weaknesses, the consultant has no access to the application program
interfaces, code, or data structures.
Which of the following types of testing is this an example of?
A process in which the functionality of an application …
A process in which the functionality of an application is tested without any knowledge of the internal
mechanisms of the application is known as:
Which of the following is the team performing?
The Quality Assurance team is testing a new third party developed application. The Quality team does not have
any experience with the application. Which of the following is the team performing?
Which of the following should Joe recommend to remediat…
Joe a company’s new security specialist is assigned a role to conduct monthly vulnerability scans across the
network. He notices that the scanner is returning a large amount of false positives or failed audits. Which of the
following should Joe recommend to remediate these issues?
Which of the following is an example of a false positive?
Which of the following is an example of a false positive?
Which of the following is BEST utilized to identify com…
Which of the following is BEST utilized to identify common misconfigurations throughout the enterprise?
Which of the following risks is MOST likely to affect t…
A company is looking to improve their security posture by addressing risks uncovered by a recent penetration
test.
Which of the following risks is MOST likely to affect the business on a day-to-day basis?
Which of the following tests a number of security contr…
Which of the following tests a number of security controls in the least invasive manner?