Exam PT0-002 topic 1 question 209 discussion

Actual exam question from CompTIA's PT0-002
Question #: 209
Topic #: 1

A penetration tester joins the assessment team in the middle of the assessment. The client has asked the team, both verbally and in the scoping document, not to test the production networks. However, the new tester is not aware of this request and proceeds to perform exploits in the production environment. Which of the following would have MOST effectively prevented this misunderstanding?

  • A. Prohibiting exploitation in the production environment
  • B. Requiring all testers to review the scoping document carefully
  • C. Never assessing the production networks
  • D. Prohibiting testers from joining the team during the assessment
Suggested Answer: B

Comments

Meep123
3 months, 2 weeks ago
Selected Answer: D
"BEST" = most effective. BEST at preventing this exact situation would be to DENY ALL, rather than "Read and follow rules". 0% vs 1%, 0% wins.
upvoted 2 times
j904
2 weeks ago
I agree
upvoted 1 times
...
...
solutionz
9 months ago
Selected Answer: B
In this scenario, the issue is a lack of communication and understanding of the constraints and boundaries set by the client. The most effective way to prevent this misunderstanding would have been to ensure that all members of the assessment team, including those joining mid-assessment, are fully aware of the requirements and restrictions defined in the scoping document. Option B, "Requiring all testers to review the scoping document carefully," directly addresses this issue by making sure that everyone involved in the assessment is aware of the client's requests and the scope of the assessment. Therefore, option B would have been the most effective way to prevent this misunderstanding.
upvoted 3 times
...
matheusfmartins
9 months, 1 week ago
Selected Answer: B
It's B, the testers should read the documentation before getting into an engagement.
upvoted 2 times
...
scweeb
9 months, 1 week ago
To me, the answer is B. Let's say you have testers who get sick and can no longer perform, but the company has others on hand who can step in to continue the test and meet the company SOW. You would allow that new tester with the understanding that they are briefed like all the current testers and they read the required documents.
upvoted 2 times
...
AaronS1990
1 year, 1 month ago
Selected Answer: D
"The client has asked the team, both verbally and in the scoping document, not to test the production networks. However, the new tester is not aware of this request" This means that it was already written in the scoping document and the pentester missed it anyway. So just saying "read it more carefully next time" still leaves the chance it will be missed in future. If you go with D you remove the risk of this entirely. Additionally, the client asked verbally. Had someone not joined halfway through the pentest, then they would likely have been there to hear this request in person, so despite missing it in the scoping document they still would've been aware of the restriction. Another thing that steers me towards D.
upvoted 2 times
...
AaronS1990
1 year, 1 month ago
Surely D is the BEST? Just because they read it carefully doesn't mean it won't happen again due to user error. If you don't let people join mid-way through that removes the risk entirely rather than mitigating it
upvoted 2 times
Meep123
3 months, 2 weeks ago
Agree.
upvoted 1 times
...
...
lifehacker0777
1 year, 1 month ago
Selected Answer: B
__BBB__
upvoted 1 times
...