A security firm is writing a response to an RFP from a customer that is building a new network based software product. The firm’s expertise is in penetration testing corporate networks. The RFP explicitly calls for all possible behaviors of the product to be tested, however, it does not specify any particular method to achieve this goal. Which of the following should be used to ensure the security and functionality of the product? (Select TWO).

Posted by: Pdfprep Category: CAS-002 Tags: CompTIA CASP, CAS-002 exam questions, CAS-002 practice exam Post Date: October 31, 2020

A security firm is writing a response to an RFP from a customer that is building a new network based software product. The firm’s expertise is in penetration testing corporate networks. The RFP explicitly calls for all possible behaviors of the product to be tested, however, it does not specify any particular method to achieve this goal. Which of the following should be used to ensure the security and functionality of the product? (Select TWO).
A . Code review
B . Penetration testing
C . Grey box testing
D . Code signing
E . White box testing

Answer: A, E

Author

Pdfprep

Author

Leave a Reply Cancel reply