Which type of penetration test would only provide the tester with limited information such as the domain names and IP addresses in the scope?
- known-environment test
- partially known environment test
- unknown-environment test
- OWASP Web Security Testing Guide
|
Explanation & Hints: In an unknown-environment penetration test (previously known as black-box), the tester typically only has a very limited amount of information. For instance, the tester may only provide the domain names and IP addresses in scope for a particular target. The tester would have yet to gain prior knowledge of the organization’s target and infrastructure. |