Homework answers / question archive / Understanding the Rules of Engagement for Security Testers You’re a new security tester for Security Consulting Company (SCC)

Understanding the Rules of Engagement for Security Testers You’re a new security tester for Security Consulting Company (SCC)

Writing

Share With

Understanding the Rules of Engagement for Security Testers

You’re a new security tester for Security Consulting Company (SCC). Before you go out on your first assignment, Shelley Canon, the vice president of SCC, wants you to read the rules of engagement section of the OSSTMM to make sure you don’t violate any company policies.

Write a memo to Shelley Canon summarizing the OSSTMM’s rules of engagement section.

The memo should describe the purpose of the rules of engagement and include answers to the following questions: 

? When is releasing the names of past clients permissible? 

? If you aren’t able to penetrate a client’s network, is offering your services free of charge permissible? 

? When is conducting denial-of-service attacks on a client’s network permissible?