What is a likely admin response to deliberate backdoors during testing?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your exam!

Multiple Choice

What is a likely admin response to deliberate backdoors during testing?

Explanation:
In a sanctioned test, deliberate backdoors are treated as temporary, controlled footholds. The administrator’s typical response is to shut them down during testing to prevent any uncontrolled access, limit the attack surface, and keep the engagement within its defined scope. This containment ensures the environment remains safe, the test results stay reliable, and no persistent backdoor lingers after the engagement ends. Once the test is complete, the backdoors are removed or disabled so they cannot be exploited outside the authorized window. Keeping backdoors intact would create ongoing risk beyond the test. Upgrading them would alter the test conditions and potentially bypass controls. Renaming them doesn’t address containment or risk and would just add confusion.

In a sanctioned test, deliberate backdoors are treated as temporary, controlled footholds. The administrator’s typical response is to shut them down during testing to prevent any uncontrolled access, limit the attack surface, and keep the engagement within its defined scope. This containment ensures the environment remains safe, the test results stay reliable, and no persistent backdoor lingers after the engagement ends. Once the test is complete, the backdoors are removed or disabled so they cannot be exploited outside the authorized window.

Keeping backdoors intact would create ongoing risk beyond the test. Upgrading them would alter the test conditions and potentially bypass controls. Renaming them doesn’t address containment or risk and would just add confusion.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy