What characterizes a partially known environment penetration test?
- The tester must test the electrical grid supporting the infrastructure of the target.
- The tester is provided with a list of domain names and IP addresses in the scope of a particular target.
- The test is a hybrid approach between unknown and known environment tests.
- The tester should not have prior knowledge of the organization and infrastructure of the target.
Explanation & Hints: A partially known environment penetration test, previously known as gray-box, is somewhat of a hybrid approach between unknown- and understood- environment tests. With partially known environment testing, the testers may be provided credentials but not full network infrastructure documentation. |