What type of test is this? - ProProfs Discuss
Cancel
TopicsDown
Products Down
Follow Us:
FacebookTwitter
Advertisement

What type of test is this?
A test methodology in which assessors, using all available documentation (e.g., system design, source code, manuals) and working under no constraints, attempt to circumvent the security features of an information system is defined in NIST SP 800-53A.  



A. Validation
B. Functional
C. Structural
D. Penetration

This question is part of (ISC)2 Guide to the CAP Review Questions
Asked by Chrisjkent, Last updated: Sep 20, 2020

+ Answer
Request
Question menu
Vote up Vote down

2 Answers

BISSYOJO

BISSYOJO

BISSYOJO
BISSYOJO

Answered Jun 02, 2018

The scope of a test is characterized by one of the following three definitions from NIST SP 800-53A:
Functional testing (black-box testing) - Assumes knowledge of the functional specifications, high-level design, and operating specifications of the item under assessment.

Structural testing (gray-box, white-box testing) - Assumes (some) explicit knowledge of the internal structure of the item under assessment (e.g., low-level design, source code implementation representation).

Penetration testing - A test methodology in which assessors, using all available documentation (e.g., system design, source code, manuals) and working under no constraints, attempt to circumvent the security features of an information system.

upvote downvote
Reply 

chrisjkent

chrisjkent

chrisjkent
Chrisjkent

Answered Jun 03, 2018

Penetration
upvote downvote
Reply 

Advertisement
Advertisement
Search for Google images Google Image Icon
Select a recommended image
Upload from your computer Loader
Image Preview
Search for Google images Google Image Icon
Select a recommended image
Upload from your computer Loader
Image Preview
Search for Google images Google Image Icon
Select a recommended image
Upload from your computer Loader

Email Sent
We have sent an email to your address "" with instructions to reset your password.