Which of the following is NOT related to the Internal Security Assessment penetration testing
strategy?
A.
Testing to provide a more complete view of site security
B.
Testing focused on the servers, infrastructure, and the underlying software, including the
target
C.
Testing including tiers and DMZs within the environment, the corporate network, or
partner company connections
D.
Testing performed from a number of network access points representing each logical and
physical segment
C
not sure!!!
B – ECSAv8 Module 3 Penetration Testing Methodologies
D definitely IS part of ISA strategy, as per page 115, ECSAv8…
B is the best answer, although it still could be a part of it, it should not be limited to that!
B is the best Answer Sure
The ECSA courseware itself has a lot of confusing information…
Many questions here have many other questions…