Which of the following tests a number of security controls in the least invasive manner?

A company is looking to improve their security posture by addressing risks uncovered by a recent
penetration test. Which of the following risks is MOST likely to affect the business on a day-to-day
basis?

A company is looking to improve their security posture by addressing risks uncovered by a recent
penetration test. Which of the following risks is MOST likely to affect the business on a day-to-day
basis?

Which of the following is BEST utilized to identify common misconfigurations throughout the
enterprise?

Which of the following is BEST utilized to identify common misconfigurations throughout the
enterprise?

Which of the following is an example of a false positive?

Which of the following is an example of a false positive?

Joe a company’s new security specialist is assigned a role to conduct monthly vulnerability scans

across the network. He notices that the scanner is returning a large amount of false positives or
failed audits. Which of the following should Joe recommend to remediate these issues?

The Quality Assurance team is testing a new third party developed application. The Quality team
does not have any experience with the application. Which of the following is the team performing?

A process in which the functionality of an application is tested without any knowledge of the
internal mechanisms of the application is known as: