Friday, September 11, 2015

CISSP Exam Preparation (Question 312)

(312) Which one of the following is the PRIMARY objective of penetration testing?

A. Assessment
B. Correction
C. Detection
D. Protection

Correct Answer: C



Its goal is to measure an organization's resistance to an attack and to uncover any weakness within the environment...The result of a penetration test is a report given to management describing the list of vulnerabilities that were identified and the severity of those vulnerabilities. - Shon Harris All-in-one CISSP Certification Guide pg 837-839

Not A: Assessment would imply management deciding whether they can live with a given vulnerability.

- Muhammad Idham Azhari

No comments: