Answered step by step
Verified Expert Solution
Question
1 Approved Answer
Which of the following most correctly address whether penetration testing is suitable for use during systems security verification or is best suited to ongoing monitoring
Which of the following most correctly address whether penetration testing is suitable for use during systems security verification or is best suited to ongoing monitoring and assessment? Each correct answer represents a complete solution. Choose all that apply. This type of question contains radio buttons and checkboxes for selection of options. Use Tab for navigation and Enter or space to select the option. A option A Penetration testing is most revealing when performed against a baseline already in use for some time, because the risks of people becoming complacent and mitigation controls becoming out of date increase with time. B option B Penetration testing is normally used during postdeployment systems assessment and starts with current knowledge of how threat actors attempt to reconnoiter, surveil, select, and penetrate a target; verification starts with a functional security requirements baseline and confirms via audit, test, or inspection that each requirement in that baseline still functions properly. Both techniques complement each other during the ongoing operational assessment. C option C Penetration testing has a valid and valuable contribution to make at any point in the lifecycle of a system, from initial systems analysis throughout its deployed operational use. D option D Penetration testing is not useful during verification testing or systems assessment, because by its nature penetration testing is a somewhat covert attempt to simulate a hostile attack, whereas verification testing is a formalized, planned, and monitored activity.
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started