When you discover an urgent issue, high risk vulnerability, or evidence of a previous intrusion, what should you have in place during a penetration engagement?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your exam!

Multiple Choice

When you discover an urgent issue, high risk vulnerability, or evidence of a previous intrusion, what should you have in place during a penetration engagement?

Explanation:
The key idea is having a prearranged, secure way to escalate and report findings. In a penetration test, if you encounter an urgent issue, high‑risk vulnerability, or evidence of a prior intrusion, you must already know who to contact and how to communicate, so you can alert the right people quickly and share the results securely. This includes validated points of contact and a protected channel (encrypted, out-of-band) for delivering the final report and any critical findings. This approach supports rapid triage, proper remediation, and maintains confidentiality and chain-of-custody for evidence. Openly sharing details publicly would breach confidentiality and potentially expose the organization to more risk. Planning to isolate the entire network is too drastic a step to rely on without explicit authorization and coordination. Keeping a record of user passwords is insecure and violates policy and best practices for credential handling.

The key idea is having a prearranged, secure way to escalate and report findings. In a penetration test, if you encounter an urgent issue, high‑risk vulnerability, or evidence of a prior intrusion, you must already know who to contact and how to communicate, so you can alert the right people quickly and share the results securely. This includes validated points of contact and a protected channel (encrypted, out-of-band) for delivering the final report and any critical findings. This approach supports rapid triage, proper remediation, and maintains confidentiality and chain-of-custody for evidence.

Openly sharing details publicly would breach confidentiality and potentially expose the organization to more risk. Planning to isolate the entire network is too drastic a step to rely on without explicit authorization and coordination. Keeping a record of user passwords is insecure and violates policy and best practices for credential handling.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy