🔥 3-day streak
CompTIA PenTest+ (PT0-003)127 / 175
Question 127 of 175

During pre-engagement scoping, a client provides a target IP range for an external penetration test. While reviewing the assets, the tester discovers that several in-scope web applications are hosted on infrastructure owned and operated by a third-party managed hosting provider, not the client. The client insists they own the applications and that this is sufficient authorization. What is the MOST appropriate action for the tester to take before beginning active testing against those systems?

Reviewed for accuracy · Report an issueNext question