CompTIA Exam PT0-002 Topic 3 Question 69 Discussion

Actual exam question for CompTIA's PT0-002 exam
Question #: 69
Topic #: 3

During an engagement, a junior penetration tester found a multihomed host that led to an unknown network segment. The penetration tester ran a port scan against the network segment, which caused an outage at the customer's factory. Which of the following documents should the junior penetration tester most likely follow to avoid this issue in the future?

Suggested Answer: C

* Rules of Engagement (ROE) documents outline the scope, boundaries, and rules for a penetration test to prevent unintended consequences such as network outages.

* Details:

  * NDA (Non-Disclosure Agreement): Protects confidential information but does not provide guidelines for engagement.

  * MSA (Master Service Agreement): General terms and conditions for services but does not detail specific engagement rules.

  * ROE (Rules of Engagement): Specifies the limits and guidelines for testing, including which systems can be tested, when, and how, to avoid disruptions.

  * SLA (Service Level Agreement): Defines the level of service expected but does not guide the testing process.

* Reference: ROE is a critical document in penetration testing engagements to ensure both the tester and client are aligned on the scope and limitations, as outlined in various penetration testing standards and methodologies.


Contribute your Thoughts:

Alyce
2 months ago
I bet the customer's IT team was not amused by that 'unplanned outage'. The ROE is the way to go, no doubt about it.
upvoted 0 times
...
Delsie
2 months ago
Ah, the classic 'oops, I broke something' scenario. The ROE is definitely the document to follow to prevent these kinds of mishaps in the future.
upvoted 0 times
...
Berry
2 months ago
Haha, looks like someone's going to be in trouble! But seriously, the ROE would have been the way to go here. It's all about staying within the defined scope.
upvoted 0 times
...
Melvin
2 months ago
Wow, this is a tricky one! I guess the junior tester should have checked the ROE (Rules of Engagement) to know the boundaries and avoid disrupting the customer's operations.
upvoted 0 times
Jess
1 month ago
It's important to always refer to the rules to prevent incidents like this.
upvoted 0 times
...
Edda
1 month ago
Yes, ROE outlines what actions are allowed during testing.
upvoted 0 times
...
Tomas
2 months ago
Junior tester should have followed the ROE.
upvoted 0 times
...
...
Lenora
2 months ago
C) ROE is the way to go. Can't go wreaking havoc without permission, even if it's in the name of security. Gotta follow the rules, man.
upvoted 0 times
...
Francesco
2 months ago
I believe the Service Level Agreement (SLA) document could also have helped the junior penetration tester understand the consequences of their actions.
upvoted 0 times
...
Lovetta
2 months ago
LOL, they should have just unplugged the network and blamed it on the gremlins. That's the classic penetration tester's move, right?
upvoted 0 times
Azzie
25 days ago
D) SLA
upvoted 0 times
...
Dominque
26 days ago
C) ROE
upvoted 0 times
...
Lindsey
28 days ago
B) MSA
upvoted 0 times
...
Thaddeus
29 days ago
A) NDA
upvoted 0 times
...
...
Freida
2 months ago
I agree with Penney, the Rules of Engagement (ROE) document would have provided guidelines to avoid causing an outage.
upvoted 0 times
...
Dana
2 months ago
Hmm, I thought the junior tester should have checked the SLA (D) to see what kind of downtime was acceptable. Oops, looks like they went a bit rogue!
upvoted 0 times
Kate
2 months ago
True, following the proper documents is crucial in these situations to prevent any mishaps.
upvoted 0 times
...
Alyce
2 months ago
NDA (A) could have also been important to consider before taking such actions.
upvoted 0 times
...
Phyliss
2 months ago
Should have definitely checked the SLA (D) before running that port scan.
upvoted 0 times
...
Shonda
2 months ago
Yeah, that outage at the factory could have been avoided if they followed the guidelines.
upvoted 0 times
...
...
Penney
3 months ago
I think the junior penetration tester should have followed the ROE document.
upvoted 0 times
...
Lillian
3 months ago
Definitely C) ROE. The junior tester should have followed the rules of engagement to avoid disrupting the customer's operations.
upvoted 0 times
Yaeko
2 months ago
D) SLA
upvoted 0 times
...
Lorrine
2 months ago
C) ROE
upvoted 0 times
...
Mable
2 months ago
B) MSA
upvoted 0 times
...
Dylan
2 months ago
A) NDA
upvoted 0 times
...
...
