exam questions

Exam CISA All Questions

View all questions & answers for the CISA exam

Exam CISA topic 1 question 362 discussion

Actual exam question from Isaca's CISA
Question #: 362
Topic #: 1
[All CISA Questions]

Which of the following security testing techniques is MOST effective in discovering unknown malicious attacks?

  • A. Penetration testing
  • B. Sandboxing
  • C. Vulnerability testing
  • D. Reverse engineering
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
MunaM
Highly Voted 2 years, 3 months ago
I think answer should be A because of unknown
upvoted 6 times
...
1Naa
Most Recent 2 days, 19 hours ago
Selected Answer: A
Cos sandboxing is more focused on testing the behavior of specific applications, rather than discovering unknown attacks across the entire system.
upvoted 1 times
...
1Naa
2 days, 19 hours ago
Selected Answer: A
Penetration testing is the most effective security testing technique for discovering unknown malicious attacks because it simulates real-world attack scenarios, uncovering vulnerabilities that may not be identified through other methods. Penetration testers use techniques similar to those of actual attackers to identify weaknesses in the system's security defenses.
upvoted 1 times
...
PurpleParrot
2 months, 2 weeks ago
Selected Answer: B
generally pen testing is associated with discovering vulnerabilities and exploiting them. we can see them as a preventive control. sand boxing, on the other hand, is more detective / corrective where it isolates and analysis suspicious code (malware) in a controlled environment
upvoted 1 times
...
Swallows
6 months, 2 weeks ago
Selected Answer: A
Penetration testing, also known as ethical hacking, involves simulating real-world cyberattacks to identify vulnerabilities and weaknesses in an organization's systems, networks, or applications. Penetration testers use various methods and tools to attempt to exploit vulnerabilities in the same way that malicious attackers would. While sandboxing (Option B) can be useful for isolating potentially malicious code or programs in a controlled environment to prevent harm to the system, it is not specifically designed to discover unknown malicious attacks. Sandbox environments are typically used to analyze and evaluate https://www.examtopics.com/exams/isaca/cisa/view/2/#the behavior of suspicious or unknown software in a safe manner.
upvoted 3 times
...
JustCisa
1 year, 1 month ago
Selected Answer: A
unknown malicious attacks, should be A, because they are Unknown, vulnerability scanning it is known things
upvoted 2 times
...
meelaan
1 year, 2 months ago
pen test is for cheking vulnurability not attack. Sandbox is for attack.
upvoted 1 times
...
BA27
1 year, 3 months ago
A. Penetration testing
upvoted 2 times
...
oldmagic
1 year, 5 months ago
Selected Answer: A
Penetration testing is the security testing technique that is most effective in discovering unknown malicious attacks.
upvoted 3 times
...
3008
1 year, 6 months ago
Sandboxing is a security technique that isolates an application or process from the rest of the system, preventing it from accessing or modifying other resources. It is not a type of security testing, but rather a security mechanism that can be used to protect a system from potentially malicious code or inputs. Sandboxing can be useful for testing applications in a safe environment, but it does not discover unknown malicious attacks by itself.
upvoted 3 times
...
MohamedAbdelaal
1 year, 8 months ago
Selected Answer: B
Using a sandbox for advanced malware detection provides another layer of protection against new security threats—zero-day (previously unseen) malware and stealthy attacks, in particular. And what happens in the sandbox, stays in the sandbox—avoiding system failures and keeping software vulnerabilities from spreading.
upvoted 3 times
...
MOHAMMADSALTI
1 year, 11 months ago
Selected Answer: B
Sandboxing
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago