CompTIA Security Plus Mock Test Q1223

A security assurance officer is preparing a plan to measure the technical state of a customer’s enterprise. The testers employed to perform the audit will be given access to the customer facility and network. The testers will not be given access to the details of custom developed software used by the customer. However the testers with have access to the source code for several open source applications and pieces of networking equipment used at the facility, but these items will not be within the scope of the audit. Which of the following BEST describes the appropriate method of testing or technique to use in this scenario? (Select TWO)

A. Social engineering
B. All source
C. Black box
D. Memory dumping
E. Penetration

Correct Answer: C,E
Section: Mixed Questions