Pen tests are risky at best and can violate security rules or even legislation at worst. Learn how to establish rules of engagement with your client, including understanding who they are, what the target limits are, what the test scope is, and who to communicate with should something go awry during one of your attacks.