Section D — Ethics & legality 14. It facilitates unauthorized access, abets theft, and may contravene laws or vendor agreements. 15. When you are the lawful owner, have explicit owner authorization, or are an authorized technician with documented consent. 16. Elements: ownership verification, authorization workflow, logging/auditing, use of vendor support, escalation procedures, and evidence retention. 17. Check purchase records, asset tags, serial/service tag, registered owner, chain-of-custody documentation, and if necessary contact the vendor for verification. 18. Report privately to vendor with reproduction steps, provide timeline, allow vendor time to remediate before public disclosure, avoid publishing exploit details that enable abuse. End of examination.