Types of penetration testing — Quiz

Types of penetration testing

1. During a security assessment, the penetration testers are provided with source code, network architecture diagrams, and user credentials. This scenario best describes which penetration testing approach? (Choose one answer) a) Black Box b) White Box c) Grey Box d) Red Team

2. A company wants to test its resilience against a realistic external attacker who has no inside information. Which testing method is MOST appropriate for this goal? (Choose one answer) a) White Box Penetration Test b) Black Box Penetration Test c) Code Review d) Internal Network Test

3. Which type of penetration test is primarily focused on identifying misconfigurations in IAM policies and insecure cloud storage buckets? (Choose one answer) a) Web Application Penetration Testing b) Network Penetration Testing c) Cloud Penetration Testing d) Social Engineering Penetration Testing

4. Which of the following is identified in the section as a "strategic risk" associated with the penetration testing process itself? (Choose one answer) a) Unintentional system crashes or denial of service b) A criminal hacker eavesdropping on the tester's activities c) The penetration tester seeing confidential data d) Log-file size explosions

5. The modern equivalent of the historical "Local Network" test, which now focuses on validating micro-segmentation and lateral movement controls, is known as what? (Choose one answer) a) External Network Testing b) Internal Network Testing & Zero-Trust Validation c) Wireless Network Testing d) Stolen Asset Scenario Testing