24 Jun Practice Test Question-Hacker Types
Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.
Tina is an independent security researcher who tests the security of systems of large corporations. She is working with a large automotive supplier to test the security of their systems. What term best describes Tina’s work on this engagement?
A. Black hat
B. Blue hat
C. White hat
D. Grey hat
Correct Answer: C
Tina is working under an authorized contract, so her work is clearly that of a white hat hacker. White hats do not need to be employees of the company being tested, they merely must be authorized to do their work. If Tina was working without permission, but intended to report results only to the target company, her work would be considered grey hat. If she had malicious intent, she would be a black hat hacker. Blue hat is not a term commonly used to categorize attackers.