CompTIA PenTest+ (PT0-002) — Question 168

The provision that defines the level of responsibility between the penetration tester and the client for preventing unauthorized disclosure is found in the:

Answer options

• A. NDA
• B. SLA
• C. MSA
• D. SOW

Correct answer: A

Explanation

The correct answer is A, as a Non-Disclosure Agreement (NDA) specifically addresses the confidentiality obligations and the responsibilities regarding unauthorized disclosure of sensitive information. The other options, such as SLA (Service Level Agreement), MSA (Master Service Agreement), and SOW (Statement of Work), do not primarily focus on confidentiality and disclosure responsibilities.