When conducting an application-based penetration test on a web application, the assessment should also include testing access to which resources?
- AAA servers
- cloud services
- switches, routers, and firewalls
- back-end databases
Explanation: The application-based penetration test focuses on testing for security weaknesses in enterprise applications. These weaknesses can include but are not limited to misconfigurations, input validation issues, injection issues, and logic flaws. Because a web application is typically built on a web server with a back-end database, the testing scope also normally includes the database.
Exam with this question: 1.4.3 Quiz - Introduction to Ethical Hacking and Penetration Testing Answers
Please login or Register to submit your answer