Exam PT0-002 topic 1 question 209 discussion

D would have MOST effectivley prevented this. Theyre not asking for anything other than what is the most effective way to prevent the tester that joined mid engagement. This completely prevents it, B does not. This just comes down to understanding the question asked.

It's part of a Pen Tester job to follow the rules laid out in the SOW.

The MOST effective prevention for this misunderstanding is: B. Requiring all testers to review the scoping document carefully D. Prohibiting testers from joining the team during the assessment: This is too restrictive and hinders flexibility. New team members can be valuable, but proper onboarding and communication are crucial. Requiring a thorough review of the scoping document ensures all testers, including those joining mid-assessment, are aware of the boundaries and limitations of the testing. This document should explicitly state the exclusion of the production environment.

"BEST" = most effective. BEST at preventing this exact situation would be to DENY ALL, rather than "Read and follow rules". 0% vs 1%, 0% wins.

In this scenario, the issue is a lack of communication and understanding of the constraints and boundaries set by the client. The most effective way to prevent this misunderstanding would have been to ensure that all members of the assessment team, including those joining mid-assessment, are fully aware of the requirements and restrictions defined in the scoping document. Option B, "Requiring all testers to review the scoping document carefully," directly addresses this issue by making sure that everyone involved in the assessment is aware of the client's requests and the scope of the assessment. Therefore, option B would have been the most effective way to prevent this misunderstanding.

It's B, the testers should read the documentations before getting into an engagement.

To me answer is B. Lets say you have testers who get sick and can no longer perform but the company has others on hand who can step in to continue the test and meet company SOW. You would allow that new tester with the understanding that they are briefed like all the current testers and they read the required documents.

"The client has asked the team, both verbally and in the scoping document, not to test the production networks. However, the new tester is not aware of this request"This means that it was already written in the scoping document and the pentester missed it anyway. So just saying "read it more caefully next time still leaves the chance it will be missed in future. If you go with D you remove the risk of this entirely. Additionally the client asked verbally. Had someone not have joined halfway through the pentest then they would likely have been there to hear this request in person, so despite missing it in the scoping document they still would've been aware of the restriction. Another thing that steers me towards D

Surely D is the BEST? Just because they read it carefully doesn't mean it won't happen again due to user error. If you don't let people join mid-way through that removes the risk entirely rather than mitigating it

__BBB__