Free CompTIA PenTest+ PT0-002 Practice Question

You are performing a penetration test and have discovered an undocumented file server containing sensitive company data during the assessment. This server is not listed in the provided target list. In keeping with professional conduct regarding the scope, which course of action should you take next?

  • Document the finding in your report for post-assessment review but avoid interacting with the server

  • Run non-aggressive scans on the server to determine if it holds any exploitable vulnerabilities

  • Inform the client of the finding and request a clarification on whether it should be included in the scope of the assessment

  • Immediately disconnect from the network to avoid any further unauthorized interaction

This question's topic:
CompTIA PenTest+ PT0-002 / 
Planning and Scoping
Your Score:

Check or uncheck an objective to set which questions you will receive.