During a consolidated findings meeting, the penetration-testing team must transfer a 50-page report and exploit proof-of-concept files to the organization's executive leadership, most of whom will review the documents while travelling. The testers must minimize the chance of unauthorized disclosure or tampering during transit and at rest. Which delivery method is the MOST appropriate?
Post the report to a cloud storage bucket secured only by a presigned URL that expires in one week
Copy the files to a shared network drive accessible to all authenticated domain users over VPN
Email the report as a password-protected PDF attachment using the internal mail server and include the password in a follow-up email
Upload the encrypted report to a hardened portal that requires MFA and role-based access, then send a one-time decryption key via SMS
Using an encrypted file portal that enforces multifactor, role-based access provides confidentiality in transit, restricts who can retrieve the data, and limits the blast radius if credentials leak. Sending the decryption key through a separate channel further reduces the impact of an intercepted link. Email attachments, shared network drives, and presigned URLs either lack strong authentication, expose the data to a broad audience, or can be forwarded without additional controls, increasing the risk of unauthorized access.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is an encrypted channel?
Open an interactive chat with Bash
What are 'defined roles' for recipients, and how do they enhance security?
Open an interactive chat with Bash
Why is a password-protected archive not considered sufficient security?