During a security engagement, a consultant uncovers log entries that point to file transfers across user accounts with unclear authorization. Which approach addresses the discovery properly while adhering to professional obligations?
Forward the log entries to an external group for verification
Exclude any reference to the unexplained file transfers from project documentation
Speak to the individuals named in the log entries to resolve the matter directly
Record relevant details in the assessment files and coordinate with approved decision-makers for guidance
Placing the details in the official documentation and contacting authorized decision-makers retains accountability and respects confidentiality. Personally confronting users may compromise evidence, removing entries can obstruct oversight, and sending data beyond the established circle violates confidentiality requirements.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are professional obligations during a security engagement?
Open an interactive chat with Bash
Why should unexplained file transfers be recorded in official documentation?
Open an interactive chat with Bash
What risks are involved in confronting users directly about security findings?