C.  Physical interface testing

                    D.  Security interface testing


               17.  During what type of penetration test does the tester always have
                    access to system configuration information?

                    A.  Black box penetration test

                    B.  White box penetration test

                    C.  Gray box penetration test

                    D.  Red box penetration test

              18.  What port is typically open on a system that runs an unencrypted
                    HTTP server?

                    A.  22

                    B.  80

                    C.  143


                    D.  443

               19.  Which one of the following is the final step of the Fagin inspection
                    process?

                    A.  Inspection

                    B.  Rework

                    C.  Follow-up

                    D.  None of the above

              20.  What information security management task ensures that the
                    organization’s data protection requirements are met effectively?


                    A.  Account management

                    B.  Backup verification

                    C.  Log review

                    D.  Key performance indicators