CompTIA PenTest+ (PT0-002) — Question 73

A penetration-testing team needs to test the security of electronic records in a company's office. Per the terms of engagement, the penetration test is to be conducted after hours and should not include circumventing the alarm or performing destructive entry. During outside reconnaissance, the team sees an open door from an adjoining building. Which of the following would be allowed under the terms of the engagement?

Answer options

• A. Prying the lock open on the records room
• B. Climbing in an open window of the adjoining building
• C. Presenting a false employee ID to the night guard
• D. Obstructing the motion sensors in the hallway of the records room

Correct answer: C

Explanation

The correct answer is C because presenting a false employee ID to the night guard does not involve any destructive entry or circumventing security measures, thus it complies with the terms of engagement. Options A, B, and D all involve actions that would likely be considered as circumventing security or causing potential damage, which are prohibited by the terms.