A company hires a cybersecurity consultant to perform penetration tests. What can cause scope creep of the engagement?
- lack of up-to-date testing tools
- lack of system and network architectural diagrams
- poor formatted request for proposal (RFP) by the company
- ineffective identification of what technical and nontechnical elements will be required for the penetration test
Explanation & Hint:
Scope creep is a project management term that refers to the uncontrolled growth of the scope of a project. Causes of scope creep include:
- poor change management in the penetration testing engagement
- ineffective identification of what technical and nontechnical elements will be required for the penetration test
- poor communication among stakeholders, including your client and your team