CompTIA CySA+ (CS0-002) — Question 342
Which of the following is MOST dangerous to the client environment during a vulnerability assessment/penetration test?
Answer options
- A. There is a longer period of time to assess the environment.
- B. The testing is outside the contractual scope.
- C. There is a shorter period of time to assess the environment.
- D. No status reports are included with the assessment.
Correct answer: B
Explanation
Option B is the most dangerous because conducting tests outside the contractual scope can lead to unintended consequences, as the client may not be prepared for the actions taken. Other options, while potentially problematic, do not pose the same level of risk to the client's environment as they are more related to the logistics of the assessment rather than its ethical and legal boundaries.