PT0-001 Question #7: Real Exam Question with Answer & Explanation
The correct answer is B: The system shows evidence of prior unauthorized compromise.
Question
Options
- A. The tester discovers personally identifiable data on the system.
- B. The system shows evidence of prior unauthorized compromise.
- C. The system shows a lack of hardening throughout.
- D. The system becomes unavailable following an attempted exploit.
- E. The tester discovers a finding on an out-of-scope system.
Explanation
During a penetration test, testers must immediately notify the client when an unintended service disruption occurs or when evidence of a prior unauthorized breach is discovered, as both situations carry significant operational and legal implications.
Common mistakes.
- A. Discovering PII on a system is a notable finding to document in the final report but does not typically require immediate out-of-band escalation during the test, as encountering sensitive data is an expected and authorized outcome of the assessment.
- C. A lack of system hardening is a standard vulnerability finding that belongs in the final penetration test report rather than being escalated as an emergency requiring immediate client contact.
- E. A finding on an out-of-scope system should be noted, excluded from active exploitation, and disclosed in the final report or a brief notification; it does not carry the same urgency as an active service outage or evidence of an external breach.
Concept tested. Penetration test communication triggers and escalation procedures
Reference. https://csrc.nist.gov/publications/detail/sp/800-115/final