During an authorized test, several employees report uncertain behavior when encountering suspicious network scans. Which administrative measure is most likely to keep them aligned with the agreed process and avoid unintended test interruptions?
Offer a training session that outlines the scope and reporting requirements
Run with firewall ports set to permit all tester traffic
Require frequent password changes during the assessment
Activate tighter intrusion prevention on all external traffic
Providing training before the test clarifies what employees can expect and how to respond. Increasing password complexity or deploying additional network controls may improve security, but they do not ensure staff members understand the boundaries of the test. Opening all firewall ports can undermine security and is unnecessary for authorized testers who follow the scope.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is training employees before a penetration test important?
Open an interactive chat with Bash
What is the role of 'scope' in a penetration test?
Open an interactive chat with Bash
How does a penetration test differ from standard security measures?