Question

The Chief Information Security Officer (CISO) of a small, local bank has a compliance requirement that...

  1. The Chief Information Security Officer (CISO) of a small, local bank has a compliance requirement that a third-party penetration test of the core banking application must be conducted annually. Which of the following services would fulfill the compliance requirement with the lowest resource usage?

  1. Block-box testing

  2. Gray-box testing

  3. Red-team hunting

  4. White-box testing

  5. Blue-team exercise

Engineering   Computer-Science   
0 0
Add a commentTranscribed image text
Next >

Homework Answers

Answer #1

After the in-depth analysis following points related to the security has been observed-

1. Bank is local thus would have less number of branches which would further require less number of test cases.

2. Bank requirement is just get the complince from third party;it means here the vulnerabilty is less severe.

3.Bank want to engage less number of resources.

Considering above mentioned security aspects black box testing would be ideal. As tester would take less time to test the target system. Additionally, black box tester would not require significant resources to test the system vulnerability.

In Summary, Black box testing would be ideal in terms of less resource usage and time savy at the same time would fullfill the complience requirements.

0 0
Know the answer?
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Log In

Sign Up

Not the answer you're looking for?
Ask your own homework help question
Similar Questions
Using the model proposed by Lafley and Charan, analyze how Apigee was able to drive innovation....
Using the model proposed by Lafley and Charan, analyze how Apigee was able to drive innovation. case:    W17400 APIGEE: PEOPLE MANAGEMENT PRACTICES AND THE CHALLENGE OF GROWTH Ranjeet Nambudiri, S. Ramnarayan, and Catherine Xavier wrote this case solely to provide material for class discussion. The authors do not intend to illustrate either effective or ineffective handling of a managerial situation. The authors may have disguised certain names and other identifying information to protect confidentiality. This publication may not be...
Delta airlines case study Global strategy. Describe the current global strategy and provide evidence about how...
Delta airlines case study Global strategy. Describe the current global strategy and provide evidence about how the firms resources incompetencies support the given pressures regarding costs and local responsiveness. Describe entry modes have they usually used, and whether they are appropriate for the given strategy. Any key issues in their global strategy? casestudy: Atlanta, June 17, 2014. Sea of Delta employees and their families swarmed between food trucks, amusement park booths, and entertainment venues that were scattered throughout what would...
ADVERTISEMENT
Need Online Homework Help?

Get Answers For Free
Most questions answered within 1 hours.

Ask a Question
ADVERTISEMENT