
CompTIA Exam PT0-002 Topic 3 Question 69 Discussion

Actual exam question for CompTIA's PT0-002 exam
Question #: 69
Topic #: 3

During an engagement, a junior penetration tester found a multihomed host that led to an unknown network segment. The penetration tester ran a port scan against the network segment, which caused an outage at the customer's factory. Which of the following documents should the junior penetration tester most likely follow to avoid this issue in the future?

Suggested Answer: C

* Rules of Engagement (ROE) documents outline the scope, boundaries, and rules for a penetration test to prevent unintended consequences such as network outages.

* Details:

  * NDA (Non-Disclosure Agreement): Protects confidential information but does not provide guidelines for engagement.

  * MSA (Master Service Agreement): General terms and conditions for services but does not detail specific engagement rules.

  * ROE (Rules of Engagement): Specifies the limits and guidelines for testing, including which systems can be tested, when, and how, to avoid disruptions.

  * SLA (Service Level Agreement): Defines the level of service expected but does not guide the testing process.

* Reference: ROE is a critical document in penetration testing engagements to ensure both the tester and client are aligned on the scope and limitations, as outlined in various penetration testing standards and methodologies.


Contribute your Thoughts:

Alyce
15 days ago
I bet the customer's IT team was not amused by that 'unplanned outage'. The ROE is the way to go, no doubt about it.
upvoted 0 times
...
Delsie
17 days ago
Ah, the classic 'oops, I broke something' scenario. The ROE is definitely the document to follow to prevent these kinds of mishaps in the future.
upvoted 0 times
...
Berry
19 days ago
Haha, looks like someone's going to be in trouble! But seriously, the ROE would have been the way to go here. It's all about staying within the defined scope.
upvoted 0 times
...
Melvin
20 days ago
Wow, this is a tricky one! I guess the junior tester should have checked the ROE (Rules of Engagement) to know the boundaries and avoid disrupting the customer's operations.
upvoted 0 times
Jess
2 days ago
It's important to always refer to the rules to prevent incidents like this.
upvoted 0 times
...
Edda
5 days ago
Yes, ROE outlines what actions are allowed during testing.
upvoted 0 times
...
Tomas
9 days ago
Junior tester should have followed the ROE.
upvoted 0 times
...
...
Lenora
21 days ago
C) ROE is the way to go. Can't go wreaking havoc without permission, even if it's in the name of security. Gotta follow the rules, man.
upvoted 0 times
...
Francesco
26 days ago
I believe the Service Level Agreement (SLA) document could also have helped the junior penetration tester understand the consequences of their actions.
upvoted 0 times
...
Lovetta
27 days ago
LOL, they should have just unplugged the network and blamed it on the gremlins. That's the classic penetration tester's move, right?
upvoted 0 times
...
Freida
30 days ago
I agree with Penney, the Rules of Engagement (ROE) document would have provided guidelines to avoid causing an outage.
upvoted 0 times
...
Dana
1 month ago
Hmm, I thought the junior tester should have checked the SLA (D) to see what kind of downtime was acceptable. Oops, looks like they went a bit rogue!
upvoted 0 times
Kate
14 days ago
True, following the proper documents is crucial in these situations to prevent any mishaps.
upvoted 0 times
...
Alyce
20 days ago
NDA (A) could have also been important to consider before taking such actions.
upvoted 0 times
...
Phyliss
23 days ago
Should have definitely checked the SLA (D) before running that port scan.
upvoted 0 times
...
Shonda
23 days ago
Yeah, that outage at the factory could have been avoided if they followed the guidelines.
upvoted 0 times
...
...
Penney
1 month ago
I think the junior penetration tester should have followed the ROE document.
upvoted 0 times
...
Lillian
2 months ago
Definitely C) ROE. The junior tester should have followed the rules of engagement to avoid disrupting the customer's operations.
upvoted 0 times
Yaeko
17 days ago
D) SLA
upvoted 0 times
...
Lorrine
23 days ago
C) ROE
upvoted 0 times
...
Mable
29 days ago
B) MSA
upvoted 0 times
...
Dylan
1 month ago
A) NDA
upvoted 0 times
...
...
