Section: Asset Security

In the references I have not found out anything that directly relates to this but It would be logical to assume the answer of going to necessary management. "ISC2 Code of Ethics.... Not commit or be party to any unlawful or unethical act that may negatively affect their professional reputation or the reputation of their profession. Appropriately report activity related to the profession that they believe to be unlawful and shall cooperate with the resulting investigations." -Ronald Krutz The CISSP PREP Guide (gold edition) pg 440

Black-box testing is a method of software testing that examines the functionality of an application (e.g. what the software does) without peering into its internal structures or workings (see white-box testing). This method of test can be applied to virtually every level of software testing: unit, integration, system and acceptance. It typically comprises most if not all higher level testing, but can also dominate unit testing as well.
For your exam you should know the information below:
Alpha and Beta Testing - An alpha version is early version is an early version of the application system submitted to the internal user for testing. The alpha version may not contain all the features planned for the final version. Typically software goes to two stages testing before it consider finished.The first stage is called alpha testing is often performed only by the user within the organization developing the software. The second stage is called beta testing, a form of user acceptance testing, generally involves a limited number of external users. Beta testing is the last stage of testing, and normally involves real world exposure, sending the beta version of the product to independent beta test sites or offering it free to interested user.
Pilot Testing - A preliminary test that focuses on specific and predefined aspect of a system. It is not meant to replace other testing methods, but rather to provide a limited evaluation of the system. Proof of concept are early pilot tests - usually over interim platform and with only basic functionalities.
White box testing - Assess the effectiveness of a software program logic. Specifically, test data are used in determining procedural accuracy or conditions of a program's specific logic path. However testing all possible logical path in large information system is not feasible and would be cost prohibitive, and therefore is used on selective basis only.
Black Box Testing - An integrity based form of testing associated with testing components of an information system's "functional" operating effectiveness without regards to any specific internal program structure. Applicable to integration and user acceptance testing.
Function/validation testing - It is similar to system testing but it is often used to test the functionality of the system against the detailed requirements to ensure that the software that has been built is traceable to customer requirements.
Regression Testing - The process of rerunning a portion of a test scenario or test plan to ensure that changes or corrections have not introduced new errors. The data used in regression testing should be same as original data.
Parallel Testing - This is the process of feeding test data into two systems - the modified system and an alternative system and comparing the result.
Sociability Testing - The purpose of these tests is to confirm that new or modified system can operate in its target environment without adversely impacting existing system. This should cover not only platform that will perform primary application processing and interface with other system but , in a client server and web development, changes to the desktop environment. Multiple application may run on the users desktop, potentially simultaneously , so it is important to test the impact of installing new dynamic link libraries
(DLLs), making operating system registry or configuration file modification, and possibly extra memory utilization.
The following answers are incorrect:
Parallel Testing - This is the process of feeding test data into two systems - the modified system and an alternative system and comparing the result.
Regression Testing - The process of rerunning a portion of a test scenario or test plan to ensure that changes or corrections have not introduced new errors. The data used in regression testing should be same as original data.
Pilot Testing - A preliminary test that focuses on specific and predefined aspect of a system. It is not meant to replace other testing methods, but rather to provide a limited evaluation of the system. Proof of concept are early pilot tests - usually over interim platform and with only basic functionalities
The following reference(s) were/was used to create this question:
CISA review manual 2014 Page number 167
Official ISC2 guide to CISSP CBK 3rd Edition Page number 176

The correct answer is Session. The Session Layer is an OSI model layer.