IT Certification exam information exchange, brain dumps discussions sharing.
You are not logged in. Please login or register.
Share Test → TXT Questions and Answers → SY0-601 topic 1 question 745
An enterprise has hired an outside security firm to conduct penetration testing on its network and applications. The firm has been given all the developer’s documentation about the internal architecture. Which of the following best represents the type of testing that will occur?
A.
Bug bounty
B.
White-box
C.
Black-box
D.
Gray-box
White box = Know all the info
Gray box = Know some of the info
Black box = know none of the info
D. Gray-box
white box
B. White-box
White-box testing is a type of penetration testing where the tester has full knowledge of the internal architecture, design, and implementation of the systems being tested. In this scenario, since the outside security firm has been given all the developer's documentation about the internal architecture, the testing would be considered white-box testing. White-box testing allows the tester to have an in-depth understanding of the system, enabling them to identify vulnerabilities more comprehensively.
I think it's Gray Box (Answer D) as All developer's document does not mean all document required for Network and Application.
white box penetration testing also known as clear box testing or transparent box testing, is a security testing approach where the tester has complete knowledge of the internal workings of the system being tested. In white box testing, the tester has access to detailed information about the architecture, design, source code, and implementation of the application or system.
Given the details, B is correct
B. White-box
White-box testing is a type of penetration testing where the tester has full knowledge of the internal architecture, design, and implementation of the systems being tested. In this scenario, since the outside security firm has been given all the developer's documentation about the internal architecture, the testing would be considered white-box testing. White-box testing allows the tester to have an in-depth understanding of the system, enabling them to identify vulnerabilities more comprehensively.
Share Test → TXT Questions and Answers → SY0-601 topic 1 question 745
Note: This forum is a platform for users to share insights and discuss exam-related topics. We do not provide authentic exam questions or answers. The content here is contributed by community members and is meant for collaborative learning and discussion purposes only. Users are encouraged to refer to official sources for accurate exam materials.