CompTIA CySA+ Practice Test

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the CySA+ Exam with our comprehensive test. Study using flashcards and multiple-choice questions that include hints and explanations to ensure your success. Get exam-ready today!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

What is NOT a primary criterion included in a penetration testing plan?

Timing
Scope
Account credentials
Authorization

The correct answer is: Account credentials

In the context of a penetration testing plan, the primary criteria typically include elements that define the parameters and boundaries of the testing process. These elements are crucial for ensuring that the penetration testing is conducted effectively and within legal and ethical confines. Timing is an essential criterion, as it determines when the testing will occur, which can impact both the target system and business operations. The timing of a penetration test must be carefully planned to avoid disruption. Scope is critical because it defines what systems, applications, or networks will be tested and what is off-limits. Clearly outlining the scope helps prevent misunderstandings and ensures that the testing aligns with the organization's security policy. Authorization is another crucial element, as it confirms that the testers have the legal permission to conduct the test. This helps mitigate legal risks and ensures the testing is conducted within authorized boundaries. Account credentials, while they can be relevant to the testing process, are not typically included as a foundational criterion in the penetration testing plan itself. Credentials may be used during the test but are not a primary factor in determining how the test will be structured or executed. Therefore, these credentials do not form part of the core elements that guide the overall approach of a penetration testing plan.