Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

IIA Exam IIA-CIA-Part3 Topic 2 Question 90 Discussion

Actual exam question for IIA's IIA-CIA-Part3 exam
Question #: 90
Topic #: 2
[All IIA-CIA-Part3 Questions]

According to IIA guidance, which of the following statements is true regarding penetration testing?

Show Suggested Answer Hide Answer
Suggested Answer: B

by Alana at Sep 16, 2024, 07:53 AM

Limited Time Offer

25%

Off

Get Premium IIA-CIA-Part3 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Thersa
9 months ago
I'm feeling a bit like a hacker myself, so I'm going to have to go with A. Surprise, surprise!
upvoted 0 times
...
Beckie
9 months ago
D is the right choice, no doubt. Gotta make sure the management team is ready to handle any potential security breaches.
upvoted 0 times
Abraham
8 months ago
D) Testing should address the preventive controls and management's response.
upvoted 0 times
...
Lon
8 months ago
B) Testing should take place during heavy operational time periods to test system resilience.
upvoted 0 times
...
Brandon
9 months ago
A) Testing should not be announced to anyone within the organization to solicit a real-life response.
upvoted 0 times
...
...
Bobbye
10 months ago
I'm feeling a bit mischievous, so I'm gonna go with A. Surprise attack, baby! Let's see how the organization handles a real-life situation.
upvoted 0 times
Alaine
8 months ago
User 3: I agree, but it's important to ensure that the organization is prepared for unexpected tests like that.
upvoted 0 times
...
Aleisha
8 months ago
User 2: That's a bold move! It could definitely provide valuable insights on the organization's readiness.
upvoted 0 times
...
Marla
9 months ago
A) Testing should not be announced to anyone within the organization to solicit a real-life response.
upvoted 0 times
...
...
Lawrence
10 months ago
D is the way to go. Preventive controls are where it's at. Might as well just unplug the whole system if you're not testing those.
upvoted 0 times
Dustin
9 months ago
D) Testing should address the preventive controls and management's response.
upvoted 0 times
...
Tamie
9 months ago
B) Testing should take place during heavy operational time periods to test system resilience.
upvoted 0 times
...
Estrella
9 months ago
A) Testing should not be announced to anyone within the organization to solicit a real-life response.
upvoted 0 times
...
...
Zita
10 months ago
I'm going with B. Gotta test the system when it's really under pressure, you know? See how it holds up in the trenches.
upvoted 0 times
Julie
9 months ago
Agreed, testing resilience is crucial for security measures.
upvoted 0 times
...
Sabra
9 months ago
Yeah, it's important to see how the system performs under pressure.
upvoted 0 times
...
Kiley
9 months ago
I think B is the best option too. Testing during heavy operational time periods makes sense.
upvoted 0 times
...
...
Katie
10 months ago
I agree with Hortencia, D makes sense because testing should address preventive controls.
upvoted 0 times
...
Camellia
10 months ago
I disagree, I believe the answer is A.
upvoted 0 times
...
Nichelle
10 months ago
Option D looks like the correct answer to me. Testing should focus on the preventive controls and how management responds to potential attacks.
upvoted 0 times
Odette
10 months ago
Yes, focusing on preventive controls and management's response is key in ensuring the security of the organization.
upvoted 0 times
...
Ashleigh
10 months ago
I agree, option D is the correct answer. Preventive controls are crucial in penetration testing.
upvoted 0 times
...
...
Hortencia
10 months ago
I think the answer is D.
upvoted 0 times
...

Save Cancel