PT1-002 Exam QuestionsBrowse all questions from this exam

PT1-002 Exam - Question 5


A new security firm is onboarding its first client. The client only allowed testing over the weekend and needed the results Monday morning. However, the assessment team was not able to access the environment as expected until Monday. Which of the following should the security company have acquired BEFORE the start of the assessment?

Show Answer
Correct Answer: D

To ensure the assessment could proceed as planned and any unexpected issues could be addressed promptly, the security company should have acquired the proper emergency contacts for the client. Emergency contacts would allow the assessment team to quickly address any access issues or other obstacles encountered, especially given the tight timeframe and weekend testing window.

Discussion

17 comments
Sign in to comment
euknvynaOption: B
Nov 14, 2021

That is unlikely to start testing without credentials. Let's assume that credentials were known. What if e.g. environment maintenance took place over the weekend or MAC were white\blacklisted? D -> Emergency contact is correct

AdonistOption: D
Mar 7, 2022

I would go with D

brandonlOption: D
Mar 24, 2022

It specifically states in the question: "the client only allowed testing over the weekend and needed the results Monday morning." Therefore, it was known that this needed to happen, therefore this must have been determined. The issue is that this condition could not be met, but the team had no way to notify the client. Therefore, D.

kiduuuOption: D
May 2, 2022

Is not A, B or C because : A. A signed statement of work - "A new security firm is onboarding its first client" - it already has the approval B. The correct user accounts and associated passwords - "the assessment team was not able to access the environment as expected" - is not required to be Credential-based vulnerability assessment ! C. The expected time frame of the assessment - The client only allowed testing over the weekend and needed the results Monday morning - you have a timeframe

Cyber_JudyOption: D
Jun 11, 2022

D - gotta know who to contact during weekend hours if you don't have proper info/accesses.

Cyber_JudyOption: D
Jun 11, 2022

D - as per specifics on question stated... In order -> 1. Client only allowed testing over the weekend 2. Needed the results Monday morning. 3. Team not able to access environment as expected until Monday. 4. Which should company have acquired BEFORE start of assessment? SUMMARY: They knew they had to do it over the weekend and have results by Monday morning (yet unrealistic expectations).

shakevia463Option: D
Jan 29, 2023

If they had emergency contact information the issue would have been resolved. Answer D they couldnt resolve the issue because they didnt have the emergency contact

AaronS1990Option: D
Mar 3, 2023

I agree with D for the reasons Kiduu stated below

jedingtonOption: C
Mar 21, 2022

It's unlikely to be D, because it doesn't mention anywhere that the team couldn't access contacts/etc. It's not B, because it didn't mention anywhere that there were credential problems. It IS C, because it claims the security team couldn't access the system; therefore, a clear timeline of expected access to said system should've been clarified to cover the security team.

Adonist
Mar 22, 2022

Isn't the weekend and expected results by monday a clarified timeline though?

Charlieb123Option: A
Apr 19, 2022

If by not choosing A - a signed SOW, it means there isn't a signed SOW, then the test shouldn't go ahead. So BEFORE you do anything testing, you MUST have a signed SOW. I think it's a trick question steering people away from the obvious.

maps7
Jun 9, 2022

the answer is A you need a SOW to start work

RightAsTainOption: C
Sep 26, 2022

C is right. They should have assessed the timeframe to see if the weekend was enough time. There was no emergency here. They just went out of scope by performing the test into Monday.

AaronS1990
Mar 3, 2023

C isn't saying they should have assessed/confirmed it, it is saying that they have gotten it. But we can already see that the time-frame is known. It's not the best question as it seems a bit open to interpretation but I'd got with D

AnarckiiOption: B
Jun 1, 2023

It look me awhile to get this answer, but this made sense: A. A signed statement of work: While a signed statement of work is essential for establishing the scope, objectives, and terms of the assessment, it does not provide the necessary credentials or access to the client's environment. It is a contractual agreement outlining the scope of the work to be performed. C. The expected time frame of the assessment: Knowing the expected time frame of the assessment is important for planning purposes, but it does not resolve the issue of the assessment team's inability to access the environment over the weekend. It merely provides an understanding of the duration of the assessment. D. The proper emergency contacts for the client: While having the proper emergency contacts is crucial for communication and addressing any urgent situations during the assessment, it does not directly address the issue of the assessment team's inability to access the environment as expected

pentesternoname
Nov 10, 2023

I agree with you

BinarySoldierOption: C
Jan 31, 2022

"the assessment team was not able to access the environment as expected until Monday." It's not like the team could not get access to the environment due to failing credentials, it's because they didn't know when to the time frame. That's why it's mentioned they accessed the platform on Monday, and the question doesn't say this was with the assistance of the client. I am changing to C being the correct answer

brandonl
Mar 24, 2022

It specifically states in the question: "the client only allowed testing over the weekend and needed the results Monday morning." Therefore, it was known that this needed to happen, therefore this must have been determined. The issue is that this condition could not be met, but the team had no way to notify the client. Therefore, D.

UmbriatorOption: D
Mar 3, 2022

We don't now if it's a black box or white box test. I presume it's a black box test, so they have to find out about the credential by them self. If the SOW state that the work has to be done in the weekends, the contact has to be available in the weekend. So if i didn't get access to the system, i would have called the contact to see what was wrong. I would also checked if the system was attacked during that time.

pentesternonameOption: B
Nov 10, 2023

In a security assessment, having the correct user accounts and associated passwords is crucial for the assessment team to access and test the client's environment. Without proper access credentials, the team might face delays in conducting the assessment, as described in the scenario. Acquiring this information before the start of the assessment helps ensure a smooth and timely process.

somsomOption: D
Jun 24, 2024

The user account and passwords must have been given to them, and in the SOW, it must have been included that all these would be provided. So, the emergency contact of the client is very necessary

MeisAdrianoOption: D
Jul 21, 2024

It's not A,B,C because: NOT-A) If I have to start, I suppose to have already signed SOW. The "was not able to access" suppose I'm trying, so I suppose to have already signed a SOW. NOT-B) We don't know if we are in a white/black box condition, we can assume for so strict times maybe we are in a white box and we received wrong credentials, but only calling the proper emergency contact for the client can solve this situation(D answer) NOT-C) Could be a good answer, but to acquire the expected time frame of the assessment doesn't help the assessment team -not able to access and produce results until Monday. That's why the right answer is D: If I have any doubt or problem or expected time frame compromised, I can advise the emergency contacts.