ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v11 All Questions

View all questions & answers for the 312-50v11 exam
Go to Exam

Exam 312-50v11 topic 1 question 30 discussion

Actual exam question from ECCouncil's 312-50v11
Question #: 30
Topic #: 1
[All 312-50v11 Questions]

As a Certified Ethical Hacker, you were contracted by a private firm to conduct an external security assessment through penetration testing.
What document describes the specifics of the testing, the associated violations, and essentially protects both the organization's interest and your liabilities as a tester?

  • A. Service Level Agreement
  • B. Project Scope
  • C. Rules of Engagement
  • D. Non-Disclosure Agreement
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by baneador at July 6, 2021, 4:33 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Daniel8660
8 months, 3 weeks ago
Selected Answer: C
Rules of Engagement (ROE) Formal permission to conduct penetration testing. Helps testers to overcome(克服) legal and policy-related restrictions to using different penetration testing tools and techniques. (P.3403/3387)
upvoted 4 times
...
CodexFT
11 months, 2 weeks ago
Selected Answer: C
For pentesting is Rule of Engagement.
upvoted 1 times
...
EngnSu
1 year, 1 month ago
P.3403 Rule Of Engagement: Formal permission to conduct penetration testing
upvoted 1 times
...
davidjec
1 year, 2 months ago
I will suggest D: NDA
upvoted 1 times
...
baneador
2 years ago
Si la respuesta correcta es la C, ¿Por qué Non-Disclosure Agreement no sirve?
upvoted 2 times
study_Somuch
1 year, 10 months ago
seems like it yes, Rules of Engagement (RoE) is a document that deals with the manner in which the penetration test is to be conducted. Some of the directives that should be clearly spelled out in RoE before you start the penetration test are as follows: The type and scope of testing Client contact details Client IT team notifications Sensitive data handling Status meeting and reports
upvoted 3 times
study_Somuch
1 year, 10 months ago
Actually, I take that back, perhaps B is more appropriate? C seems too general
upvoted 1 times
Mr_Gray
1 year, 9 months ago
stick with RoE. The project scope will not have accountability attached to it nor will it protect the organization. the scope is just an overview of what devices will be addressed.
upvoted 6 times
...
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel