Which of the following activities is commonly deemed “OUT OF SCOPE” when undertaking a penetration test?
A.
Test password complexity of all login fields and input validation of form fields
B.
Reverse engineering any thick client software that has been provided for the test
C.
Undertaking network-based denial of service attacks in production environment
D.
Attempting to perform blind SQL injection and reflected cross-site scripting attacks
E.
Running a vulnerability scanning tool to assess network and host weaknesses