Which of the following is an example of a false positive?
Which of the following is an example of a false positive?
Which of the following should Joe recommend to remediate these issues?
Joe a company’s new security specialist is assigned a role to conduct monthly vulnerability scans across
the network. He notices that the scanner is returning a large amount of false positives or failed audits.
Which of the following should Joe recommend to remediate these issues?
Which of the following is the team performing?
The Quality Assurance team is testing a new third party developed application. The Quality team does not
have any experience with the application. Which of the following is the team performing?
A process in which the functionality of an application is tested without any knowledge of the internal mechani
A process in which the functionality of an application is tested without any knowledge of the internal
mechanisms of the application is known as:
which of the following types of testing?
The security consultant is assigned to test a client’s new software for security, after logs show targeted
attacks from the Internet. To determine the weaknesses, the consultant has no access to the application
program interfaces, code, or data structures. This is an example of which of the following types of
testing?
what the security company might do during a black box test?
Matt, the Chief Information Security Officer (CISO), tells the network administrator that a security
company has been hired to perform a penetration test against his network. The security company asks
Matt which type of testing would be most beneficial for him. Which of the following BEST describes what
the security company might do during a black box test?
which of the following types of testing?
A quality assurance analyst is reviewing a new software product for security, and has complete access to
the code and data structures used by the developers. This is an example of which of the following types of
testing?
Which of the following reviews should Jane conduct?
Pete, a developer, writes an application. Jane, the security analyst, knows some things about the overall
application but does not have all the details. Jane needs to review the software before it is released to
production. Which of the following reviews should Jane conduct?
which of the following types of testing?
An IT auditor tests an application as an authenticated user. This is an example of which of the following
types of testing?
Which of the following is the developer performing when testing the application?
A software development company has hired a programmer to develop a plug-in module to an existing
proprietary application. After completing the module, the developer needs to test the entire application
to ensure that the module did not introduce new vulnerabilities. Which of the following is the developer
performing when testing the application?