CompTIA PenTest+ (PT0-001) — Question 64

A security consultant receives a document outlining the scope of an upcoming penetration test. This document contains IP addresses and times that each can be scanned. Which of the following would contain this information?

Answer options

• A. Rules of engagement
• B. Request for proposal
• C. Master service agreement
• D. Business impact analysis

Correct answer: A

Explanation

The correct answer is A, as the Rules of Engagement outline the parameters, including IP addresses and timing for a penetration test. The Request for Proposal (B) is generally used to solicit bids, the Master Service Agreement (C) defines the overall contractual terms, and the Business Impact Analysis (D) assesses potential impacts of disruptions, none of which specifically detail the scanning scope.