A company hires a cybersecurity professional to perform penetration testing to assess government regulation compliance. Which document will be provided to the cybersecurity professional that specifies a detailed and descriptive list of all the deliverables, including the scope of the project, the timeline and report delivery schedule, the location of the work, and the payment schedule?
- statement of work (SOW)
- service-level agreement (SLA)
- master service agreement (MSA)
- non-disclosure agreement (NDA)
Explanation: A statement of work (SOW) is a document that specifies the details of the activities to be performed during a penetration testing engagement. It can be used to define some of the elements:
Project (penetration testing) timelines, including the report delivery schedule
The scope of the work to be performed
The location of the work (geographic location or network location)
Special technical and nontechnical requirements
Payment schedule
Exam with this question: 2.4.3 Quiz - Planning and Scoping a Penetration Testing Assessment Answers
Please login or Register to submit your answer