Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

IIA Exam IIA-CIA-Part3 Topic 2 Question 90 Discussion

Actual exam question for IIA's IIA-CIA-Part3 exam
Question #: 90
Topic #: 2
[All IIA-CIA-Part3 Questions]

According to IIA guidance, which of the following statements is true regarding penetration testing?

Show Suggested Answer Hide Answer
Suggested Answer: B

by Alana at Sep 16, 2024, 07:53 AM

Limited Time Offer

25%

Off

Get Premium IIA-CIA-Part3 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Thersa
8 months ago
I'm feeling a bit like a hacker myself, so I'm going to have to go with A. Surprise, surprise!
upvoted 0 times
...
Beckie
8 months ago
D is the right choice, no doubt. Gotta make sure the management team is ready to handle any potential security breaches.
upvoted 0 times
Abraham
7 months ago
D) Testing should address the preventive controls and management's response.
upvoted 0 times
...
Lon
7 months ago
B) Testing should take place during heavy operational time periods to test system resilience.
upvoted 0 times
...
Brandon
7 months ago
A) Testing should not be announced to anyone within the organization to solicit a real-life response.
upvoted 0 times
...
...
Bobbye
8 months ago
I'm feeling a bit mischievous, so I'm gonna go with A. Surprise attack, baby! Let's see how the organization handles a real-life situation.
upvoted 0 times
Alaine
7 months ago
User 3: I agree, but it's important to ensure that the organization is prepared for unexpected tests like that.
upvoted 0 times
...
Aleisha
7 months ago
User 2: That's a bold move! It could definitely provide valuable insights on the organization's readiness.
upvoted 0 times
...
Marla
7 months ago
A) Testing should not be announced to anyone within the organization to solicit a real-life response.
upvoted 0 times
...
...
Lawrence
8 months ago
D is the way to go. Preventive controls are where it's at. Might as well just unplug the whole system if you're not testing those.
upvoted 0 times
Dustin
7 months ago
D) Testing should address the preventive controls and management's response.
upvoted 0 times
...
Tamie
8 months ago
B) Testing should take place during heavy operational time periods to test system resilience.
upvoted 0 times
...
Estrella
8 months ago
A) Testing should not be announced to anyone within the organization to solicit a real-life response.
upvoted 0 times
...
...
Zita
8 months ago
I'm going with B. Gotta test the system when it's really under pressure, you know? See how it holds up in the trenches.
upvoted 0 times
Julie
8 months ago
Agreed, testing resilience is crucial for security measures.
upvoted 0 times
...
Sabra
8 months ago
Yeah, it's important to see how the system performs under pressure.
upvoted 0 times
...
Kiley
8 months ago
I think B is the best option too. Testing during heavy operational time periods makes sense.
upvoted 0 times
...
...
Katie
9 months ago
I agree with Hortencia, D makes sense because testing should address preventive controls.
upvoted 0 times
...
Camellia
9 months ago
I disagree, I believe the answer is A.
upvoted 0 times
...
Nichelle
9 months ago
Option D looks like the correct answer to me. Testing should focus on the preventive controls and how management responds to potential attacks.
upvoted 0 times
Odette
8 months ago
Yes, focusing on preventive controls and management's response is key in ensuring the security of the organization.
upvoted 0 times
...
Ashleigh
8 months ago
I agree, option D is the correct answer. Preventive controls are crucial in penetration testing.
upvoted 0 times
...
...
Hortencia
9 months ago
I think the answer is D.
upvoted 0 times
...

Save Cancel