As a penetration tester, you are about to begin an assessment for a new client. The client provided you with a contract that outlines the scope of the engagement. Which of the following actions is the MOST appropriate initial step to take before proceeding with the actual testing?
Start reviewing the list of penetration testing tools to determine if they align with the client's industry best practices.
Immediately request additional permissions to utilize potentially restricted testing tools mentioned in the contract.
Clarify any ambiguous terms and ensure a mutual understanding of the scope of work described in the contract.
Ask for additional resources to cover areas that appear to be out of scope in the contract to ensure a thorough assessment.