CompTIA
PT0-001 · Question #42
PT0-001 Question #42: Real Exam Question with Answer & Explanation
The correct answer is C: Promptly alert the client with details of the finding. Professional penetration testing rules of engagement require immediate escalation of critical findings to the client so they can manage the risk before the engagement window closes.
Engagement management
Question
During testing, a critical vulnerability is discovered on a client's core server. Which of the following should be the NEXT action?
Options
- A. Disable the network port of the affected service.
- B. Complete all findings, and then submit them to the client.
- C. Promptly alert the client with details of the finding.
- D. Take the target offline so it cannot be exploited by an attacker.
Explanation
Rules of engagement for a professional penetration test normally define an escalation procedure for critical findings: who the client's point of contact is, how they are reached, and how quickly they must be told. A critical vulnerability on a core server meets that threshold, so the tester's next action is to notify the client point of contact promptly, with enough detail (affected host, the vulnerability, supporting evidence, and any suggested interim mitigation) for the client to decide how to manage the risk. The decision to mitigate, and any change to production systems, remains the client's; the tester records the notification in the engagement log and continues as the client directs.
Common mistakes.
- A. Disabling network ports or services on client infrastructure without explicit prior authorization exceeds the agreed scope of the penetration test and constitutes unauthorized modification of production systems.
- B. Completing all findings before reporting delays the client's awareness of a critical risk that may require immediate emergency remediation, violating the critical-finding escalation expectations built into most engagement contracts.
- D. Taking a target system offline without client authorization disrupts business operations and falls outside the tester's approved scope, regardless of the severity of the vulnerability found.
Concept tested. Responsible disclosure and escalation during penetration testing engagements
Reference. http://www.pentest-standard.org/index.php/Reporting
Topics
#client communication, #critical findings, #incident handling, #scope management