CompTIA
PT0-002 · Question #317
PT0-002 Question #317: Real Exam Question with Answer & Explanation
The correct answer is D: Use the client's public key.
Reporting and Communication
Question
Which of the following is the MOST secure method for sending the penetration test report to the client?
Options
- A. Host it on an online storage system.
- B. Put it inside a password-protected ZIP file.
- C. Transfer it via webmail using an HTTPS connection.
- D. Use the client's public key.
Explanation
The most secure method for transmitting a penetration test report is to encrypt it using the client's public key, ensuring that only the client's corresponding private key can decrypt and access the sensitive information.
Common mistakes.
- A. Hosting the report on an online storage system introduces third-party risk and does not guarantee the highest level of confidentiality without explicit and strong encryption controls.
- B. A password-protected ZIP file's security depends on the password strength and secure out-of-band communication of that password, which is often difficult to achieve reliably.
- C. Transferring via webmail using an HTTPS connection only encrypts the data in transit; the report itself might remain unencrypted on mail servers, and email is generally not considered a sufficiently secure medium for highly confidential penetration test reports.
Concept tested. Secure document transmission via encryption
Topics
#Secure Communication #Data Encryption #Public Key Infrastructure #Report Delivery