Answer should be A. White Team.

Red-team A red-team is typically defined as the attackers in a penetration test or security assessment exercise. Blue-team A blue-team is typically defined as the defenders in a penetration test or security assessment exercise. White-team A white-team is typically defined as the referees in a penetration test or security assessment exercise. They establish the RoE, other guidelines, and boundaries of the security evalu- ation. They oversee the event and ensure that both sides of the simulated conflict/breach/ intrusion are operating by the rules. They also facilitate communication between the blue- team and red-team. Purple-team A purple-team is a single team that performs both the offensive and defensive penetration test or security assessment operations for an organization.

Suggested answer is completely wrong, yet again.

The white team overseas the exercise, sets the rules, and identifies the rules of engagement.

In a penetration testing exercise, the white team is responsible for overseeing and facilitating the test. They act as referees or impartial observers during the engagement. Their role is to ensure that the test is conducted within the agreed scope and rules, and to provide guidance and support to the penetration testing team. The white team is typically composed of representatives from the organization being tested, including IT security personnel, management, and other relevant stakeholders. They collaborate with the penetration testing team and may provide information about the target systems, help coordinate the test, and review the findings and recommendations.

This is a good example to confirm that the given answers are wrong.

A. White team is the team that acts as a referee during a penetration-testing exercise. The role of the white team is to provide oversight and ensure that the penetration testing exercise is conducted safely, ethically, and within the agreed-upon scope. The white team may also be responsible for setting up the testing environment, defining the rules of engagement, and communicating with stakeholders. The purple team, green team, blue team, and red team are all involved in different aspects of the penetration testing exercise. The purple team is a combination of the red team and blue team, and it focuses on collaboration and knowledge sharing between the offensive and defensive teams. The green team is responsible for testing and validating the security controls in a non-destructive manner. The blue team is responsible for defending the system against attacks and responding to incidents. The red team is responsible for simulating real-world attacks to identify vulnerabilities and weaknesses in the system.

referee - white team

It's the White Team.