You have been contracted to perform a penetration test on a client's wireless network. Per the client's requirements, the target assets include both 2.4 GHz and 5 GHz Wi-Fi frequencies. Which of the following actions is BEST to perform first to remain within the agreed scope and rules of engagement?
You selected this option
Confirm the times of the day when testing is permitted and the types of potential wireless network disruptions that are allowed.
You selected this option
Immediately begin scanning for all 2.4 GHz and 5 GHz Wi-Fi networks within the client's facility.
You selected this option
Obtain written permission from the property owner where the Wi-Fi access points are physically located.
You selected this option
Discuss the penetration test team's preferred tools and techniques with the client to ensure compatibility.
Before conducting any penetration tests on wireless networks, it is vital to confirm the types of tests that are allowed and the specific hours during which testing can be conducted. This ensures that the penetration tester works within the agreed-upon constraints, avoiding any potential disruption to the client's normal business operations or violation of the rules of engagement. Choosing to scan wireless networks immediately or discussing tool usage without information about the rules of engagement may lead to unauthorized actions or testing during critical business hours. On the other hand, obtaining permission from the site owner is a necessary step, but it does not specifically pertain to the tester's immediate course of action concerning time-of-day restrictions and the nature of allowed tests.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are the rules of engagement in a penetration test?
Open an interactive chat with Bash
Why is it important to know the times testing is permitted?
Open an interactive chat with Bash
What could happen if I begin scanning networks without confirming the rules first?