Which of the following test methods has the objective to test the IT system from the viewpoint of a threat-source…?

Which of the following test methods has the objective to test the IT system from the viewpoint of a
threat-source and to identify potential failures in the IT system protection schemes?

Which of the following test methods has the objective to test the IT system from the viewpoint of a
threat-source and to identify potential failures in the IT system protection schemes?

A.
Security Test and Evaluation (ST&E)

B.
Penetration testing

C.
Automated vulnerability scanning tool

D.
On-site interviews

Explanation:
The goal of penetration testing is to examine the IT system from the perspective of a
threat-source, and to identify potential failures in the IT system protection schemes. Penetration
testing, when performed in the risk assessment process, is used to assess an IT system’s
The objective of ST&E is to ensure that the applied controls meet the approved security
specification for the software and hardware and implement the organization’s security policy or
meet industry standards.



Leave a Reply 0

Your email address will not be published. Required fields are marked *