CompTIA PenTest+ (PT0-001) — Question 70

An energy company contracted a security firm to perform a penetration test of a power plant, which employs ICS to manage power generation and cooling. Which of the following is a consideration unique to such an environment that must be made by the firm when preparing for the assessment?

Answer options

• A. Selection of the appropriate set of security testing tools
• B. Current and load ratings of the ICS components
• C. Potential operational and safety hazards
• D. Electrical certification of hardware used in the test

Correct answer: A

Explanation

The correct answer is A because selecting the right set of security testing tools is crucial in a unique ICS environment to ensure effective and safe testing. Options B and C, while important, are more about understanding the system rather than specific considerations for the testing process itself. Option D, although relevant, does not directly pertain to the penetration testing methodology.