You are a new security tester for Security Consulting Company (SCC). Before you begin your first assignment, Shelley Can
Posted: Thu Jul 14, 2022 2:18 pm
You are a new security tester for Security Consulting Company (SCC). Before you begin your first assignment, Shelley Canon, the vice president of SCC, wants you to read the rules of engagement section of the Open Source Security Testing Methodology Manual (OSSTMM) to make sure you do not violate any company policies.
Write a memo to Shelley that summarizes the OSSTMM’s rules of engagement section. The memo should describe the purpose of the rules of engagement and include answers to the fol- lowing questions:
When is it permissible to release the names of past clients?
If you are not able to penetrate a client’s network, is it permissible to offer your ser-
vices free of charge?
When is it permissible to conduct denial of service attacks on a client’s network?
Write a memo to Shelley that summarizes the OSSTMM’s rules of engagement section. The memo should describe the purpose of the rules of engagement and include answers to the fol- lowing questions:
When is it permissible to release the names of past clients?
If you are not able to penetrate a client’s network, is it permissible to offer your ser-
vices free of charge?
When is it permissible to conduct denial of service attacks on a client’s network?