When conducting a penetration test, you are to evaluate the security posture of both the public-facing (external) applications and the internal network infrastructure of an organization. Assuming that all legal permissions and access rights are in place, which approach would BEST align with the penetration testing strategy to comprehensively assess the security of both external and internal targets within the confines of the test scope?
A combination of network-based tests for the internal infrastructure and application-based tests for the public-facing applications
Full knowledge testing using source code analysis and network sniffing for both external and internal targets
Purely passive reconnaissance of both external and internal assets
Exclusive external testing of the perimeter networks and public IP addresses
Choosing a combination of network-based and application-based tests, each tailored to its environment, is the best approach to comprehensively assess the security of both external targets (public-facing applications) and internal targets (internal network infrastructure). Network-based tests are suitable for evaluating the internal infrastructure, while application-based tests target public-facing applications. The two approaches complement each other by covering the different types of assets. Full knowledge testing is more aligned with white-box testing, which might not be as effective for external targets without prior knowledge. Passive reconnaissance is usually a preliminary step and doesn't actively test security controls. External-only testing does not cover vulnerabilities in the internal network infrastructure.