Realism

This metric is used to evaluate whether the penetration testing is realistic, and it is built to simulate real-world attacks. Answer the following questions in terms of yes or no:

• Did you use the black box approach?
• Did you avoid detection?
• Did you use social engineering?
• Did you use exfiltrated data?
• Did you emulate a malware?