1 vote
occurs when either the client or the tester decides to change the focus of the penetration test from the agreed upon scope after the test has already started. In this scenario, a black box component has been added to a traditional gray box test.

1 Answer

1 vote

Final answer:

The situation described is known as 'scope creep,' which arises when the focus of a penetration test changes after commencement, such as adding a black box element into a gray box test.

Step-by-step explanation:

The scenario described where either the client or the tester decides to change the focus of the penetration test after it has already started is known as scope creep. This is a common challenge in the field of cybersecurity testing, particularly during penetration testing or pen-testing. In penetration testing, the scope defines the boundaries and goals for the test; any deviation from the predefined scope could lead to additional risks, costs, or even legal implications.

Adding a black box component to an originally agreed-upon gray box test is a clear example of scope creep. In a gray box test, the tester has some knowledge of the internal structures, possibly including access to databases, algorithms, or source code. A black box test, on the other hand, simulates an external hacking or cyber attack where the tester has no prior knowledge of the system.

by User Leslie Hanks (7.7k points)