What penetration model should a company use if they only want to allow the penetration tester(s)partial or incomplete information regarding their network system?
A) gray box
B) white box
C) black box
D) red box

Question

Quizplus · Accepted Answer

Gray box testing allows the penetration tester(s) to have limited knowledge or access to the system, such as user access or network diagrams, but not full administrative access. This can simulate an attacker with some knowledge of the target network, while still providing a level of security and control for the company. White box testing gives the tester(s) full knowledge and access to the system, while black box testing provides no knowledge or access at all. Red box testing refers to an advanced level of testing where the tester(s) simulate a real attacker with full knowledge and access to the system, which is typically reserved for high-security environments.

What Penetration Model Should a Company Use If They Only