PrepAway - Latest Free Exam Questions & Answers

What is the degree of the team’s knowledge and what type of test is the team carrying out?

John and his team are conducting a penetration test of a client’s network. The team will conduct its testing armed only with knowledge it acquired from the Web. The network staff is aware that the testing will take place, but the penetration testing team will only work with publicly available data and some information from the client. What is the degree of the team’s knowledge and what type of test is the team carrying out?

A.
Full knowledge; blind test

B.
Partial knowledge; blind test

C.
Partial knowledge; double-blind test

D.
Zero knowledge; targeted test

Explanation:
B: The penetration testing team can have varying degrees of knowledge about the penetration target before the tests are actually carried out. These degrees of knowledge are zero knowledge, partial knowledge, and full knowledge. John and his team have partial knowledge; the team has some information about the target. Tests may also be blind, double-blind, or targeted. John's team is carrying out a blind test, meaning that the network staff knows that the test will take place.

+ A is incorrect because John and his team do not have full knowledge of the target. Full knowledge means that the team has intimate knowledge of the target and fully understands the network, its software, and configurations. John's team has information it gathered from the Web and partial information from the client. This is partial knowledge. The rest of the answer is correct; the team is conducting a blind test.

+ C is incorrect because John and his team are not conducting a double-blind test. A double-blind test, also called a stealth assessment, is when the assessor carries out a blind test without the security staff's knowledge. This enables the test to evaluate the network's security level and the staff's responses, log monitoring, and escalation processes, and is a more realistic demonstration of the likely success or failure of an attack.

+ D is incorrect because John and his team do not have zero knowledge, nor are they conducting a targeted test. Zero knowledge means that the team does not have any knowledge of the target and must start from ground zero. John's team is starting the project with knowledge it acquired about the target online and with information provided by the client. Targeted tests commonly involve external consultants and internal staff carrying out focused tests on specific areas of interest. For example, before a new application is rolled out, the team might test it for vulnerabilities before installing it into production. John's team is not focusing its testing efforts on any one specific area.

One Comment on "What is the degree of the team's knowledge and what type of test is the team carrying out?"

  1. Joe says:

    The team will conduct its testing armed only with knowledge it acquired from the Web = Partial Knowledge. The network staff is aware that the testing will take place = blind test.