A penetration testing company is about to engage with a new client. Which of the following should the penetration testers ensure is in place before initiating any security assessment activities?
A signed non-disclosure agreement (NDA)
Completion of a risk assessment report
Approval of the time of engagement
Confirmation of tool restrictions