During a penetration test, you discover evidence suggesting that an employee has been engaging in illegal activities using the company's network. Which of the following actions aligns best with professional conduct and legal responsibilities?
You selected this option
Ignore the findings as they are beyond the scope of the penetration test.
You selected this option
Immediately notify the primary or emergency contact designated by the client to relay your findings confidentially.
You selected this option
Turn off the affected systems to prevent any further illegal activity.
You selected this option
Confront the employee directly to investigate the matter further.
When encountering potential criminal activity during a penetration test, the tester must communicate this information to the primary or emergency contact within the organization as outlined in the communication plan. It is crucial to handle the situation with confidentiality and let the appropriate parties within the organization manage the legal response. Directly confronting the individual or ignoring the findings are not adhering to professional and ethical standards, and turning off the affected system could hinder further investigation by the appropriate authorities.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a penetration test?
Open an interactive chat with Bash
What are the legal responsibilities of a penetration tester?
Open an interactive chat with Bash
What is the role of the communication plan in a penetration test?