CISSP Question #75: Real Exam Question with Answer & Explanation

The correct answer is C: Obtaining the approval of the company's management. The first step of a penetration test plan is to obtain the approval of the company's management, as well as the consent of the target network's owner or administrator. This is essential to ensure the legality, ethics, and scope of the test, as well as to define the objectives, ex

Submitted by lars.no· Mar 5, 2026Security Assessment and Testing

Question

Which of the following is the FIRST step of a penetration test plan?

Options

AAnalyzing a network diagram of the target network
BNotifying the company's customers
CObtaining the approval of the company's management
DScheduling the penetration test during a period of least impact

Explanation

The first step of a penetration test plan is to obtain the approval of the company's management, as well as the consent of the target network's owner or administrator. This is essential to ensure the legality, ethics, and scope of the test, as well as to define the objectives, expectations, and deliverables of the test. Without proper authorization, a penetration test could be considered as an unauthorized or malicious attack, and could result in legal or reputational consequences.

Topics

#penetration testing#authorization#ethical hacking#test planning

Community Discussion

No community discussion yet for this question.

Full CISSP Practice Browse All CISSP Questions