Which mode has been selected by the provider?

CCAK V1 0 Comments

A cloud service provider contracts for a penetration test to be conducted on its infrastructures. The auditor engages the target with no prior knowledge of its defenses, assets, or channels. The provider’s security operation center is not notified in advance of the scope of the audit and the test vectors.

Which mode has been selected by the provider?
A . Reversal
B . Double blind
C . Double gray box
D . Tandem

Answer: B

Explanation:

A double blind penetration test is a type of pen test where the hacker has no prior knowledge of the target’s defenses, assets, or channels, and the target’s security team is not notified in advance of the scope of the audit and the test vectors. This mode simulates a real-world attack scenario, where both the attacker and the defender have to rely on their skills and resources to achieve their objectives. A double blind penetration test can help evaluate the effectiveness of the target’s security posture, detection and response capabilities, and incident management procedures12.

Reference: What is Penetration Testing | Step-By-Step Process & Methods | Imperva 7 Types of Penetration Testing: Guide to Pentest Methods & Types

Latest CCAK Dumps Valid Version with 76 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download CCAK PDF     CCAK Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments