Question

Question: Consider you are a recently hired penetration tester. (A) What needs to be in place prior to the start of a penetration test? (B) Ideally, should a penetration tester perform tests on a live system? Why/why not. (C) How would you, the tester, identify vulnerabilities of the system under investigation? How would you disclose the vulnerabilities to the system owners? (D) Please make sure to reference at least one good online reference using APA, MLA or Chicago style.  

Answer 1

(A) What needs to be in place prior to the start of a penetration test?

Testing Environment and Access to the system and environment is need.

(B) Ideally, should a penetration tester perform tests on a live system? Why/why not.

Depends upon customer requirement you can either use live system or test system.

If it is on live system , you get real assessment of security threats on real time environment. Cons if you make a mistake then whole system will be in trouble.

(C) How would you, the tester, identify vulnerabilities of the system under investigation? How would you disclose the vulnerabilities to the system owners?

professionals define and identify vulnerability assessment scope, what factors can cause threats, what can we do if a threat is caused, what threats can be exploied, what can be main risks if a threat is cause and how we can counter them etc. during testing.

You will create a report on penetration testing and submit to owners. like cookie manipulations, injections etc. depends upon the requirement it wary's

(D) Please make sure to reference at least one good online reference using APA, MLA or Chicago style.  

No idea mate

Please let me know if you need more help.