Which of the following BEST describes the relationship between vulnerability scanning and penetration testing?
A. For entities with regulatory drivers the two tests must be the same.
B. Both are labor-intensive in preparation, planning and execution.
C. Both utilize a risk-based analysis that considers treats scenarios.
D. The scope of both is determined primarily by the likelihood of exploitation.
A. For entities with regulatory drivers the two tests must be the same.
B. Both are labor-intensive in preparation, planning and execution.
C. Both utilize a risk-based analysis that considers treats scenarios.
D. The scope of both is determined primarily by the likelihood of exploitation.