Penetration testing is the most effective security testing technique for discovering unknown malicious attacks because it simulates real-world attack scenarios, uncovering vulnerabilities that may not be identified through other methods. Penetration testers use techniques similar to those of actual attackers to identify weaknesses in the system's security defenses.
generally pen testing is associated with discovering vulnerabilities and exploiting them. we can see them as a preventive control. sand boxing, on the other hand, is more detective / corrective where it isolates and analysis suspicious code (malware) in a controlled environment
Penetration testing, also known as ethical hacking, involves simulating real-world cyberattacks to identify vulnerabilities and weaknesses in an organization's systems, networks, or applications. Penetration testers use various methods and tools to attempt to exploit vulnerabilities in the same way that malicious attackers would.
While sandboxing (Option B) can be useful for isolating potentially malicious code or programs in a controlled environment to prevent harm to the system, it is not specifically designed to discover unknown malicious attacks. Sandbox environments are typically used to analyze and evaluate https://www.examtopics.com/exams/isaca/cisa/view/2/#the behavior of suspicious or unknown software in a safe manner.
Sandboxing is a security technique that isolates an application or process from the rest of the system, preventing it from accessing or modifying other resources. It is not a type of security testing, but rather a security mechanism that can be used to protect a system from potentially malicious code or inputs. Sandboxing can be useful for testing applications in a safe environment, but it does not discover unknown malicious attacks by itself.
Using a sandbox for advanced malware detection provides another layer of protection against new security threats—zero-day (previously unseen) malware and stealthy attacks, in particular. And what happens in the sandbox, stays in the sandbox—avoiding system failures and keeping software vulnerabilities from spreading.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
MunaM
Highly Voted 2 years, 3 months ago1Naa
Most Recent 2 days, 19 hours ago1Naa
2 days, 19 hours agoPurpleParrot
2 months, 2 weeks agoSwallows
6 months, 2 weeks agoJustCisa
1 year, 1 month agomeelaan
1 year, 2 months agoBA27
1 year, 3 months agooldmagic
1 year, 5 months ago3008
1 year, 6 months agoMohamedAbdelaal
1 year, 8 months agoMOHAMMADSALTI
1 year, 11 months ago