nerdexam
(ISC)2

CISSP · Question #835

An organization has hired a security services firm to conduct a penetration test. Which of the following will the organization provide to the tester?

The correct answer is A. Limits and scope of the testing.. The organization will provide the limits and scope of the testing to the security services firm that will conduct a penetration test. The limits and scope of the testing define the boundaries, objectives, and rules of engagement for the penetration test, such as the target system

Submitted by tom_us· Mar 5, 2026Security Assessment and Testing

Question

An organization has hired a security services firm to conduct a penetration test. Which of the following will the organization provide to the tester?

Options

  • ALimits and scope of the testing.
  • BPhysical location of server room and wiring closet.
  • CLogical location of filters and concentrators.
  • DEmployee directory and organizational chart.

How the community answered

(29 responses)
  • A
    90% (26)
  • B
    7% (2)
  • C
    3% (1)

Explanation

The organization will provide the limits and scope of the testing to the security services firm that will conduct a penetration test. The limits and scope of the testing define the boundaries, objectives, and rules of engagement for the penetration test, such as the target systems, the testing methods, the testing duration, the testing schedule, the testing team, the testing tools, the testing reporting, and the testing authorization. The limits and scope of the testing are essential for ensuring the legality, the ethics, and the effectiveness of the penetration test.

Topics

#penetration testing#scope#rules of engagement#security assessment

Community Discussion

No community discussion yet for this question.

Full CISSP Practice