Which of the following is the GREATEST risk associated with conducting penetration testing on a business-critical application production environment?
Which of the following is the GREATEST risk associated with conducting penetration testing on a business-critical application production environment?
Conducting penetration testing on a business-critical application production environment can pose several risks. However, the greatest risk is that data integrity may become compromised. If data integrity is compromised, it can lead to severe issues including corruption of critical business data, which can disrupt operations, cause financial losses, and damage the credibility of the organization. These impacts are generally more severe than differences in test results, lack of prior notification to system owners, or non-adherence to audit standards.
Answer is B
I think answer is B
B is the right answer.
I think C is correct as system owners approval is necessary before penetration tests.
It should be B. It is more important than C, from the perspective of data integrity
B is correct
While system owners not being informed in advance (option C) is also a concern, it typically does not pose as great a risk as compromising data integrity. System owners not being informed may lead to operational issues or conflicts during the testing process, but it's unlikely to have the same level of impact as data integrity breaches in a business-critical application production environment.