Hawaii penetration testing laws

I’m stuck on a Linux question and need an explanation.

Case Project 1-1: Determining Legal Requirements for Penetration Testing

Alexander Rocco Corporation, a large real estate management company in Maui, Hawaii, has contracted your computer consulting company to perform a penetration test on its computer network. Penetration testers are hired to attack an organization’s network, determine what vulnerabilities are present, and provide recommendations for securing the company’s information systems. The management company owns property that houses a five—star hotel, golf courses, tennis courts, and restaurants. Claudia Mae, the vice president, is your only contact at the company. To avoid undermining your tests, you will not be introduced to any IT staff or employees. Claudia wants to determine what you can find out about the company’s network infrastructure, network topology, and vulnerabilities without any assistance from her or company personnel. Based on this information, write a report outlining the steps you should take before beginning the penetration tests. Research applicable state and federal laws, and reference them in your report.

Case Project 2-2: Investigating Possible Email Fraud

A vice president at Alexander Rocco Corporation says he received a hostile e-mail message from an employee in the Maui office. Human Resources has informed him that the message's contents are grounds for termination, but the vice president wonders whether the employee actually sent the message. When confronted, the employee claims he didn't send the message and doesn't understand why the message shows his return address.

Construct a memo to the vice president, outlining the steps an employee might have taken to create an e-mail message and make it appear to come from another employee's account. Be sure to include some SMTP commands the culprit might have used