In a penetration test, Jim has agreed to perform a test without prior knowledge or details about the bank. What is this type of test called?

Prepare for the CISSP Domain 6 with our flashcards and multiple-choice questions. Gain insights with detailed hints and explanations. Ace your exam!

A test where the tester has no prior knowledge or specific details about the system being evaluated is known as a black box test. In this scenario, Jim would approach the penetration test without any insider information, mimicking the perspective and methods of an external attacker attempting to breach the bank's defenses.

The focus of a black box test is on the input and output of the system without any understanding of its internal workings, which can help identify vulnerabilities that might be exploited by malicious actors. This type of testing emphasizes real-world attack scenarios and can be particularly effective in revealing security weaknesses that a company may not be aware of.

In contrast, a white box test involves complete access to the internal structures, code, and architecture of the system, allowing for a thorough examination of security from the inside out. A gray box test provides a mix of both approaches, where the tester has limited knowledge of the internals. An external test typically refers to testing conducted from outside the network, which could be either black or gray box, but does not specifically highlight the aspect of knowledge about the system's internals, making 'black box' the most appropriate term in this context.
