Free CompTIA PenTest+ PT0-002 Practice Question
While performing a penetration test, you discover a backdoor account with a high level of privileges that does not correlate with any known user accounts managed by the organization's IT department. Additionally, this account has timestamps indicating off-hours activity, and several large data transfers to an external IP address not recognized by the organization. Where in your final report should this information be presented, and what is the primary purpose of including such details?
Discuss in the 'Methodology' section to describe the penetration testing process used
Summarize in the 'Executive Summary' section to propose immediate remediation actions
Include in the 'Findings' section to alert the organization to potential security breaches
Describe in the 'Scope Details' section to outline the limits of the penetration test
