Certified Information Systems Security Professional – CISSP – Question206

When writing security assessment procedures, what is the MAIN purpose of the test outputs and reports?

A.
To force the software to fail and document the process
B. To find areas of compromise in confidentiality and integrity
C. To allow for objective pass or fail decisions
D. To identify malware or hidden code within the test results

Correct Answer: C