PT0-002 · Question #145
PT0-002 Question #145: Real Exam Question with Answer & Explanation
The correct answer is D: Remove the tester-created credentials.. {"question_number": 6, "question": "A penetration tester ran the following commands on a Windows server: Which of the following should the tester do AFTER delivering the final report?", "correct_answer": "D", "explanation": "Post-engagement cleanup is a critical responsibility of
Question
A penetration tester ran the following commands on a Windows server: Which of the following should the tester do AFTER delivering the final report?
Options
- ADelete the scheduled batch job.
- BClose the reverse shell connection.
- CDowngrade the svsaccount permissions.
- DRemove the tester-created credentials.
Explanation
{"question_number": 6, "question": "A penetration tester ran the following commands on a Windows server: Which of the following should the tester do AFTER delivering the final report?", "correct_answer": "D", "explanation": "Post-engagement cleanup is a critical responsibility of a penetration tester. After delivering the final report, all artifacts created during the test must be removed to return the target environment to its original state. Tester-created credentials are a significant security risk if left behind - they could be discovered and exploited by malicious actors. Removing these credentials (D) is the highest-priority cleanup action. While closing reverse shells (B), deleting batch jobs (A), and downgrading permissions (C) are also cleanup tasks, the scenario's commands suggest credential creation was performed, making credential removal the most critical remediation item to address after report delivery.", "generated_by": "claude-sonnet", "llm_judge_score": 3}
Topics
Community Discussion
No community discussion yet for this question.