What is the primary objective of the Planning and Scoping phase in a penetration test?

  1. To generate the final report
  2. To identify all vulnerabilities in the system
  3. To establish the scope, rules of engagement, and objectives of the test ✓
  4. To exploit discovered vulnerabilities

Correct answer: To establish the scope, rules of engagement, and objectives of the test

Option C is correct because the Planning and Scoping phase defines the boundaries, rules of engagement, legal authorizations, and specific objectives that govern the entire engagement, ensuring all parties agree before any testing begins. Option A is incorrect because generating the final report occurs at the end of the engagement, after all testing and analysis are complete. Option B is incorrect because identifying all vulnerabilities is the goal of the scanning and enumeration phases, not the planning phase. Option D is incorrect because exploiting vulnerabilities is the hands-on attack phase that comes after planning, reconnaissance, and scanning.

Topic: · penetration testing, rules of engagement, scope definition, pt0-002

Practice CompTIA PenTest+ (PT0-002) Questions Free