nerdexam
ExamsPT0-003Questions#287
CompTIACompTIA

PT0-003 · Question #287

PT0-003 Question #287: Real Exam Question with Answer & Explanation

The correct answer is A: Customer authorization. Before any penetration testing begins -- especially in a complex IT infrastructure involving multiple systems, cloud environments, and potentially shared platforms -- a formal written authorization from the customer (client organization) is mandatory. This authorization defines t

Submitted by noor.lb· Mar 6, 2026Engagement management

Question

Which of the following authorizations is mandatory when a penetration tester is involved in a complex IT infrastructure?

Options

  • ACustomer authorization
  • BPenetration tester authorization
  • CThird-party authorization
  • DInternal team authorization

Explanation

Before any penetration testing begins -- especially in a complex IT infrastructure involving multiple systems, cloud environments, and potentially shared platforms -- a formal written authorization from the customer (client organization) is mandatory. This authorization defines the scope, targets, timeframes, and limitations of the assessment and ensures legal protection for both the tester and the organization. Conducting testing without explicit client authorization could violate laws (e.g., Computer Fraud and Abuse Act in the U.S.) and corporate policies.

Topics

#Rules of engagement#Authorization#Ethical hacking#Legal agreements

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full PT0-003 PracticeBrowse All PT0-003 Questions