When assessing web vulnerabilities, navigating the dark web can add value to a penetration test by:
C. Information may be found on related breaches and hacking.
While the dark web can provide valuable information, it is important to note that accessing and navigating the dark web can be risky and potentially illegal. It should only be done with proper authorization and adherence to legal and ethical guidelines.
The devil is in the details. The question sounds like you would need to find one option from the A-D, which helps pen testing perform at its best.
1) https://www.oreilly.com/library/view/web-penetration-testing/9781783988525/ch02s03.html = this alone would suggest B, but they have to be used in the cloud, or via tor (aka onion network), no indication of that
2) C would help from an information gathering perspective, since that is what pen-tester would look for, a way to get in. And they hope that hasn't been covered.. yet.
C is right
A. Information may be found on hidden vendor patches - why would vendor hide their patches on dark web?
B. The actual origin and tools used for the test can be hidden - doesn't sound right
C. Information may be found on related breaches and hacking - sometime dark web navigation helps to find hidden information or related breach that is usually not available on Internet
D. Vulnerabilities can be tested without impact on the tested environment - navigating dark web doesn't ensure that
upvoted 3 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
franbarpro
Highly Voted 1 year, 5 months agojackdryan
10 months, 4 weeks agoBach1968
Most Recent 9 months agojsnow2258
1 year, 5 months agodev46
1 year, 6 months ago