🔥 3-day streak
CompTIA Security+ (SY0-701)84 / 150
Question 84 of 150
A financial services firm hires an external security company to conduct offensive testing of its customer-facing web applications. Before the engagement begins, the CISO wants to formally document which IP ranges are in scope, the permitted testing hours, prohibited techniques such as denial-of-service, and the emergency contacts to notify if a critical system becomes unstable. Which document should be created to capture these details?
Reviewed for accuracy · Report an issueNext question →