CompTIA Security+ (SY0-501) — Question 398

Which of the following methods is used by internal security teams to assess the security of internally developed applications?

Answer options

• A. Active reconnaissance
• B. Pivoting
• C. White box testing
• D. Persistence

Correct answer: C

Explanation

White box testing is the correct answer because it involves testing an application with full knowledge of its internal workings, which is typical for internal security assessments. Active reconnaissance and pivoting refer to techniques used in external security assessments, while persistence is related to maintaining access rather than assessing security.