Practice penetration testing methodology vocabulary: reconnaissance, scoping, PTES standard, rules of engagement, and post-exploitation phases.
0 / 5 completed
1 / 5
The '_____ phase' is the first stage of a penetration test, where the tester gathers information about the target.
Reconnaissance (recon) is the initial phase of a pentest where the tester collects publicly available information about the target (OSINT, DNS records, employee data) without active probing.
2 / 5
'The pentest scope is limited to the _____ environment.' Why is scope definition critical?
Limiting scope to the staging environment (or specific IP ranges) prevents accidental disruption of live systems and defines the legal boundary of authorized testing.
3 / 5
What does PTES stand for?
PTES (Penetration Testing Execution Standard) is a framework defining the standard methodology for professional penetration tests, covering pre-engagement through reporting.
4 / 5
'Rules of _____ define what testers are authorized to do during a pentest engagement.
Rules of Engagement (RoE) are the formal agreement defining authorized test activities, excluded systems, communication protocols, and emergency procedures for a pentest engagement.
5 / 5
The 'post-exploitation phase' occurs after a tester has:
Post-exploitation assesses what an attacker could do after compromising a system — lateral movement, data access, persistence mechanisms — to demonstrate the full business impact of a vulnerability.