When negotiating a penetration testing contract with a prospective client, which of the following disclaimers should be included in order to mitigate liability in case of a future breach of the client's systems?
A.
The proposed mitigations and remediations in the final report do not include a cost-benefit analysis.
B.
The NDA protects the consulting firm from future liabilities in the event of a breach.
C.
The assessment reviewed the cyber key terrain and most critical assets of the client's network.
D.
The penetration test is based on the state of the system and its configuration at the time of assessment.
I would have said D but we're talking about protection here. Usually something signed by both parties. For D, tester and companies know the environment is always changing, they could easily just shift blame and say this and this..
But if this is a disclaimer being put into the NDA it's a bit of a mess this question.
It's either B or D.... So to narrow it...
B is not exactly a disclaimer, which is why D is my final answer
This section is not available anymore. Please use the main Exam Page.PT0-001 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
miabe
2 years, 11 months agoonikafei
3 years agoCapCrunch
3 years, 11 months agodumdada
3 years, 7 months agomattlai
3 years, 3 months agoDrChats
3 years, 11 months ago