CompTIA PenTest+ Practice Questions: Planning and Scoping Domain

Correct Answer: A

Explanation: The correct answer is A. The specific IP addresses to be tested should be included in the SoW to clearly define the boundaries of the test. B is incorrect because the vulnerability report is an output of the test, not part of the SoW. C is incorrect because the tester's background is not relevant to the SoW. D is incorrect because future security plans are not part of the test scope.

Correct Answer: D

Explanation: The correct answer is D. The critical assets and systems of the client are the most important factor to consider when defining the scope because they determine the focus and objectives of the penetration test. A penetration test should prioritize protecting the client's most valuable and sensitive assets. Option A is incorrect because geographic location is less relevant than asset importance. Option B is incorrect as while security policy is important, it does not directly define the scope. Option C is incorrect because budget constraints, although important, should not override the need to test critical assets.

Correct Answer: B

Explanation: The correct answer is B. A black-box penetration test is one where the tester has no prior knowledge of the system, simulating an outside attacker. A is incorrect because it describes a white-box test. C is incorrect because it describes a gray-box test. D is incorrect because the tester's employment status does not define the type of test.

Correct Answer: B

Explanation: The purpose of a Letter of Engagement in a penetration testing project is to serve as a formal agreement detailing the scope, objectives, and responsibilities of both parties involved. It ensures mutual understanding and agreement on the project's parameters. Option A is incorrect because the technical methodology is typically outlined in the test plan, not the Letter of Engagement. Option C is incorrect because a checklist of vulnerabilities is part of the testing process, not the engagement letter. Option D is incorrect because the list of tools is usually part of the test plan or methodology documentation.

Correct Answer: B

Explanation: A pre-engagement meeting is primarily conducted to clarify the scope, objectives, and constraints of the test, ensuring both parties have a clear understanding of what the test will entail. While cost negotiation (A), security policies (C), and scheduling (D) might be discussed, they are secondary to clarifying the engagement details.

Correct Answer: B

Explanation: The Statement of Work (SOW) outlines the specific deliverables and objectives of the penetration test. It provides a clear agreement between the client and the testing team on what is expected. While it may reference methodologies, it does not provide detailed technical guidance or list specific vulnerabilities. Legal frameworks are typically covered in other documents such as contracts or legal agreements.

Correct Answer: C

Explanation: Identifying compliance requirements is important to align the test with industry standards and ensure that testing activities meet regulatory obligations. This alignment helps the client maintain compliance with legal and industry standards. While ensuring the test does not violate laws (A) is crucial, compliance requirements are more about meeting standards than legality. Testing tools (B) and cost (D) are logistical concerns influenced by compliance but not directly addressed by it.

Correct Answer: B

Explanation: The critical assets and systems to be tested are the most important factor in determining the scope of a penetration test. Identifying these assets ensures that the test focuses on the areas that are most important to the client and that could have the highest impact if compromised. Option A, the client's budget, is important for determining the scale of the test but not the specific scope. Option C, the availability of testing tools, is a logistical consideration but does not define the scope. Option D, the experience level of the testers, affects the execution of the test but not the scope.

Correct Answer: B

Explanation: Obtaining explicit permission from the client is essential to ensure that all testing activities are authorized and understood by the client, particularly when sensitive data may be involved. This permission clarifies the boundaries and scope of the test. While using encrypted channels (A) and reviewing data protection policies (D) are important security measures, they do not replace the need for explicit permission. Limiting to public-facing endpoints (C) might reduce risk but does not address the need for authorization.

Correct Answer: B

Explanation: Obtaining written consent is essential to avoid legal repercussions. It serves as a formal agreement that both parties understand and agree to the terms of the penetration test, including scope, objectives, and liabilities. Obtaining resources, finalizing schedules, and confirming team availability are logistical considerations but not the primary purpose of consent.