ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam PT0-002 All Questions

View all questions & answers for the PT0-002 exam
Go to Exam

Exam PT0-002 topic 1 question 315 discussion

Actual exam question from CompTIA's PT0-002
Question #: 315
Topic #: 1
[All PT0-002 Questions]

A red-team tester has been contracted to emulate the threat posed by a malicious insider on a company's network, with the constrained objective of gaining access to sensitive personnel files. During the assessment, the red-team tester identifies an artifact indicating possible prior compromise within the target environment. Which of the following actions should the tester take?

  • A. Perform forensic analysis to isolate the means of compromise and determine attribution.
  • B. Incorporate the newly identified method of compromise into the red team’s approach.
  • C. Create a detailed document of findings before continuing with the assessment.
  • D. Halt the assessment and follow the reporting procedures as outlined in the contract.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Rezaee at March 2, 2024, 5:16 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
041ba31
8 months ago
Selected Answer: D
Upon discovering an artifact indicating a prior compromise, the tester should stop the assessment to report this critical finding, ensuring the client can address the real, immediate security concern
upvoted 1 times
...
Rezaee
8 months, 2 weeks ago
Selected Answer: D
D. Halt the assessment and follow the reporting procedures as outlined in the contract.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago