CompTIA PenTest+ (PT0-001) — Question 148

Which of the following is the MOST comprehensive type of penetration test on a network?

Answer options

• A. Black box
• B. White box
• C. Gray box
• D. Red team
• E. Architecture review

Correct answer: A

Explanation

The Black box penetration test is the most comprehensive because it simulates an attack from an external perspective without any prior knowledge of the system, allowing for the identification of vulnerabilities that might not be discovered in other testing types. In contrast, White box testing involves full knowledge of the system, which can limit the scope of the testing. Gray box testing provides partial knowledge, and Red team activities focus on emulating real-world attacks rather than thorough internal assessments.