Exam PT0-002 topic 1 question 49 discussion

This is the SAME QUESTION from #207 and we have different answers....

D. Document the unprotected file repository as a finding in the penetration-testing report. The best action for the tester to take with this information would be to document the unprotected file repository as a finding in the penetration testing report. The tester should advise the client about the sensitive data that is exposed in the text file and the spreadsheet, including the usernames and passwords in cleartext, full names, roles, and serial numbers. By highlighting this vulnerability, the client will be able to take appropriate measures to secure their sensitive data, such as by protecting the file repository with proper access controls, implementing encryption, and putting in place a data governance policy. Creating a custom password dictionary as preparation for password spray testing is not a good action, as the passwords format has been revealed and they should be changed. Recommend using a password manager/vault instead of text files to store passwords securely, is a good action but is not the first step. Recommend configuring password complexity rules in all the systems and applications is a good action but is not the first step.

D. Document the unprotected repo → You definitely will document it, but you haven't finished exploiting it yet — move forward with the test first! so it's A

BRO WHAT

While all the given options may be relevant at different stages of the penetration testing process, the best action to take NEXT after discovering sensitive information in an unprotected network file repository is to document the finding. Documenting the findings as they are discovered ensures that all relevant information is captured and that the client is provided with accurate and comprehensive details about the security issues identified during the test. Recommendations for improving security, such as using a password manager/vault or configuring password complexity rules, would typically be included in the final report or discussed with the client after the testing is completed. So, the correct answer is: D. Document the unprotected file repository as a finding in the penetration-testing report.

A is surely the correct answer. The question asks what is the Next action to take, therefore the test proceeds. A is correct.

D is correct

D - Document the unprotected file repository as a finding should be what the tester should do next. B - Is incorrect as the next thing the tester should do. Answer B - should form part of the remediation recommended by the tester after the penetration testing.