Prev Question
Next Question

An IS auditor doing penetration testing during an audit of internet connections would:

A.
evaluate configurations.

B.
examine security settings.

C.
ensure virus-scanning software is in use.

D.
use tools and techniques available to a hacker.

Explanation:
Penetration testing is a technique used to mimic an experienced hacker attacking a live site by
using tools and techniques available to a hacker. The other choices are procedures that an IS
auditor would consider undertaking during an audit of Internet connections, but are not aspects of
penetration testing techniques.

Prev Question
Next Question
Tagged:

Leave a Reply

Your email address will not be published. Required fields are marked *