(310) Management can expect penetration tests to provide all of the
following EXCEPT
A. identification of security
flaws
B. demonstration of the effects
of the flaws
C. a method to correct the
security flaws.
D. verification of the levels of
existing infiltration resistance
Correct Answer: C
Explanation
Explanation/Reference:
Explanation:
Penetration testing is a set of procedures designed
to test and possibly bypass security controls of a system. Its goal is to
measure an organization's resistance to an attack and to uncover any weaknesses within the
environment...The result of a penetration test is a report given to management
describing the list of vulnerabilities that were identified and the severity
of those vulnerabilities. From here, it is up to management to determine
how the vulnerabilities are dealt with and what countermeasures are implemented. - Shon Harris
All-in-one CISSP Certification Guide pg 837-839
- Muhammad Idham Azhari
No comments:
Post a Comment