During a penetration testing engagement, what should a penetration tester do if they inadvertently discover evidence of illegal activity on the target system?
Document the finding and continue the test, reporting it only at the end of the engagement.
Ignore the evidence as it is outside the original scope of the engagement.
Report the finding immediately to the appropriate contact and authorities.
Delete the evidence to avoid implicating the client in any illegal activity.
If a penetration tester discovers evidence of illegal activity, they should immediately report the finding to both their immediate point of contact and, if required, the appropriate legal authorities. Maintaining professionalism and integrity is crucial, and part of this is ensuring any criminal activities discovered during the course of work are addressed appropriately. Not reporting such activity can lead to legal repercussions for the tester and is against ethical hacking principles.