ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISA All Questions

View all questions & answers for the CISA exam
Go to Exam

Exam CISA topic 1 question 1167 discussion

Actual exam question from Isaca's CISA
Question #: 1167
Topic #: 1
[All CISA Questions]

Which of the following should be done FIRST when planning to conduct internal and external penetration testing for a client?

  • A. Establish the timing of testing.
  • B. Identify milestones.
  • C. Determine the test reporting.
  • D. Establish the rules of engagement.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by FAGFUR at Nov. 14, 2023, 4:25 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
FAGFUR
4 months ago
Selected Answer: D
When planning to conduct internal and external penetration testing for a client, the first step should be to establish the rules of engagement. Rules of engagement define the scope, objectives, and constraints of the penetration testing engagement. They outline what is allowed and what is not allowed during the testing process. Establishing the rules of engagement is crucial for ensuring a clear understanding between the testing team and the client, addressing legal and compliance considerations, and defining the scope of the testing activities. This includes specifying the systems and networks that can be tested, the testing methods that can be employed, and any limitations or restrictions.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago