🔥 3-day streak
ISC2 CISSP — Certified Information Systems Security Professional83 / 129
Question 83 of 129

A financial services firm wants a penetration test that simulates the actions of a malicious insider who has legitimate standard-user network credentials but no documentation of the internal architecture. Leadership wants the test to realistically reflect what such an insider could discover and exploit while keeping the engagement time-efficient. Which testing approach best fits this objective?

Reviewed for accuracy · Report an issueNext question