Matt, the Chief Information Security Officer (CISO), tells the network administrator that a security
company has been hired to perform a penetration test against his network. The security company
asks Matt which type of testing would be most beneficial for him. Which of the following BEST
describes what the security company might do during a black box test?
A.
The security company is provided with all network ranges, security devices in place, and logical
maps of the network.
B.
The security company is provided with no information about the corporate network or physical
locations.
C.
The security company is provided with limited information on the network, including all network
diagrams.
D.
The security company is provided with limited information on the network, including some
subnet ranges and logical network diagrams.