Which of the following statements regarding ethical hacking is incorrect?
A.
Ethical hackers should never use tools or methods that have the potential of exploiting vulnerabilities in an
organization’s systems.
B.
Testing should be remotely performed offsite.
C.
An organization should use ethical hackers who do not sell vendor hardware/software or other consulting
services.
D.
Ethical hacking should not involve writing to or modifying the target systems.
Explanation:
Ethical hackers use the same methods and techniques, including those that have the potential of exploiting
vulnerabilities, to test and bypass a system’s defenses as their less-principled counterparts, but rather than
taking advantage of any vulnerabilities found, they document them and provide actionable advice on how to fix
them so the organization can improve its overall security.
http://searchsecurity.techtarget.com/definition/ethical-hacker
Shouldn’t his be D since they use the same methods?
Answer should be A (Question is looking for incorrect answer)