ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISM All Questions

View all questions & answers for the CISM exam
Go to Exam

Exam CISM topic 1 question 472 discussion

Actual exam question from Isaca's CISM
Question #: 472
Topic #: 1
[All CISM Questions]

Which of the following is the MOST important issue in a penetration test?

  • A. Performing the test without the benefit of any insider knowledge
  • B. Having an independent group perform the test
  • C. Having a defined goal as well as success and failure criteria
  • D. Obtaining permission from audit
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by aokisan at Dec. 20, 2022, 3:42 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
SilverFox
7 months, 4 weeks ago
Selected Answer: C
QAE 10th Ed - Domain 2 Q88 - Same question more or less - answer is to ensure goals and objectives are clearly defined
upvoted 2 times
...
oluchecpoint
10 months, 1 week ago
Selected Answer: C
C. Having a defined goal as well as success and failure criteria In a penetration test, having a defined goal and clear success and failure criteria is the most important issue. Without a well-defined objective and criteria for success, the penetration test may lack focus and effectiveness. It's essential to understand what you are trying to achieve through the test and how you will measure whether it was successful or not.
upvoted 2 times
oluchecpoint
10 months, 1 week ago
D. Obtaining permission from audit (presumably referring to obtaining proper authorization) is crucial from a legal and ethical standpoint, but it is not the most important issue related to the effectiveness of the penetration test itself.
upvoted 1 times
...
...
AaronS1990
11 months ago
What an odd question. You need permission, but not from an audit. So probably C
upvoted 4 times
AaronS1990
10 months, 3 weeks ago
I'd add to that i'm pretty sure it's a typo and it's supposed to say "obtaining permission to audit". Be careful if you get this on the day. If it says "obtaining permission to audit" then that is established rules of engagement and that is correct. If it reads as listed here then for me it doesn't make sense and C is the answer
upvoted 4 times
AlexJacobson
5 months, 2 weeks ago
As a pentester, I can tell you that the absolute most important thing is that you get permission and defined scope of what (and how and sometimes even when) you are allowed to test. Without that you can't start.
upvoted 3 times
d7a2ba6
3 weeks, 4 days ago
I agree. Anf the word issue means also a problem. A-C are not problems, D is.
upvoted 1 times
...
...
...
...
[Removed]
12 months ago
Selected Answer: C
definitely C
upvoted 1 times
...
richck102
1 year ago
C. Having a defined goal as well as success and failure criteria
upvoted 1 times
...
45
1 year ago
Question does not really make sense lol
upvoted 1 times
...
MyKasala
1 year, 6 months ago
Selected Answer: C
I guess C
upvoted 3 times
...
aokisan
1 year, 6 months ago
Selected Answer: D
before pene test, you need a permission.
upvoted 3 times
giovi
1 year, 4 months ago
Ideally yes, but not a permission "from audit". I'd say it's C
upvoted 4 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago