All of the other ones wouldn't warrant an emergency contact. If they found another actor on the network that shouldn't be there while they're playing the enemy then that is means for halting the penetration test all together and notifying them. They will the need to have their security department look further into it to see if there network is being exploited as that is the worst case scenario for an organization.
Emergency contact is not for reporting critical vulnerabilities. You report those to the IT manager or the primary contact. Emergency contact is in case you cause something on the network which requires deconfliction. They are there for network and resource availability, so if you lose connection to the network, that's a job for the emergency personnel. If there is another actor on the network, that won't be reported to the emergency contact. That will go the primary contact or the designated IT manager or client counterpart.
It said : Option C: Losing remote access to the network during a penetration test is a critical situation that could indicate an issue with the engagement, potential compromise, or other unforeseen problems. In such cases, it is important to notify the emergency contact or the organization's incident response team promptly. This allows the organization to assess the situation, ensure that the engagement did not lead to unintended consequences, and take necessary actions to restore network access and security.
I mentioned D and it basically said "ok fine. both but it depends on the specific circumstances"
During a penetration testing engagement, the penetration testers usually have rules of engagement and boundaries that they must follow. Notifying the emergency contact would be warranted if something unexpected and potentially harmful was encountered.
In the given options, the situation that most likely would require immediate notification of the emergency contact is:
D. The team discovers another actor on a system on the network.
Discovering another unauthorized actor on the system could mean that there's an ongoing breach or other malicious activity. This situation would generally be considered an emergency, as it goes beyond the planned scope of the penetration test and represents an immediate risk to the organization.
The other options might be part of the planned scope of the test or not represent immediate emergencies, depending on the particular circumstances of the engagement.
All of the listed situations could potentially warrant notifying the emergency contact for the engagement, but the most critical and urgent situation that requires immediate notification is option B - exfiltrating PII or credit card data from the organization. This type of data is highly sensitive and its unauthorized disclosure can lead to significant financial and reputational damage for the organization.
No, because if you exfiltrated pii or credit card data, this is likely already to be expected and it should be listed for something you will remediate as well as they can be informed. Its a much bigger deal if there is an actor on the network who could exploit that information and your emergency contact should be notified. as a penetration tester you would almost hope you could find pii or credit card data as this would be a success for you
This section is not available anymore. Please use the main Exam Page.PT0-002 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
fuzzyguzzy
11 months, 2 weeks agoTacosInMyBelly
1 year, 7 months agoAlizade
1 year, 9 months ago[Removed]
1 year, 9 months agoUseChatGPT
1 year, 10 months agohakanay
1 year, 8 months ago581777a
1 year, 10 months agosolutionz
2 years agoJimBobSquare101
2 years, 2 months agoxviruz2kx
2 years, 4 months agoMegTechGuru
1 year, 9 months ago[Removed]
2 years, 5 months agocy_analyst
2 years, 5 months agojosepa
2 years, 5 months ago[Removed]
2 years, 5 months agokloug
2 years, 5 months ago