Which testing approach gives the tester full information about target architecture and code?
A CISSP practice question covering Domain 6: Security Assessment and Testing. Try answering before reading the explanation below.
Show options & answer
Why "White box (crystal box)" is the right answer
White-box testing provides full info — source code, architecture diagrams, credentials. Black box simulates an outsider. Gray box provides partial info. Red team is goal-oriented adversary simulation.
Take the full CISSP practice test
120 questions, instant explanations, study-video links on every miss. No account.