Courses / HDNA Ethical Hacking Course

1. Legal & Compliance

Last Edit: 12-05-2024

Pro Chapter

This chapter is exclusive to Pro members

Upgrade to Pro to unlock:
  • Full access to all courses & chapters
  • Advanced learning materials
  • New Courses and Labs every month
  • Exclusive Guided Mode in Labs
  • Official step-by-step solutions
  • All Labs features (extend time, etc)
Upgrade to Pro Now $11.33/mo Yearly Plan $8.50/mo

In this module, you'll learn about the crucial legal and ethical aspects of penetration testing, including compliance requirements and the intricacies of drafting Rules of Engagement (RoE) and scoping documents. Understanding these foundational concepts is essential for any professional penetration tester to operate ethically and within legal boundaries.

1.1 Legal Frameworks and Compliance Considerations

Overview of the Cybersecurity Law and Regulations

Here are the most common laws and legal texts used around the world that will apply to your pentesting carreer. This is not an exhaustive list, depending on where on the world you are working, but those are the main you may encounter and should know about.

  1. United States
This is the primary federal cybersecurity law in the U.S. It prohibits unauthorized access or exceeding authorized access to computers and networks. For penetration testers, it's crucial to have clear, written authorization to avoid violations under this law.