A Non-disclosure Agreement (NDA) is a legal contract between at least two parties that outlines confidential material, knowledge, or information that the parties wish to share with one another for certain purposes, but wish to restrict access to or by third parties. It is a critical document that ensures penetration testers maintain the confidentiality of data. Service-level agreements (SLAs) pertain to the expected performance and availability of the services being provided. Master service agreements are overarching contracts that establish most of the terms between the service provider and the client. Permission to attack refers to obtaining explicit authorization before conducting a penetration test.