A penetration tester was able to compromise a server and escalate privileges. Which of the following should the tester perform AFTER concluding the activities on the specified target? (Choose two.)
A.
Remove the logs from the server.
B.
Restore the server backup.
C.
Disable the running services.
D.
Remove any tools or scripts that were installed.
When a penetration tester concludes activities on a specified target, they should follow ethical guidelines to leave the system in a secure and stable state without tampering with the evidence. Based on these principles, the following actions should be taken:
D. Remove any tools or scripts that were installed.
E. Delete any created credentials.
The best recommendations for the tester to perform after concluding activities on the specified target would be D. Remove any tools or scripts that were installed, and E. Delete any created credentials.
DE for sure. All other options are server management roles likely from the client's staff or outsourced.
upvoted 3 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Incognito09
Highly Voted 1 year, 2 months agomehewas855
Most Recent 2 days, 3 hours agosolutionz
4 months, 1 week agonickwen007
9 months, 1 week agokloug
9 months, 4 weeks ago2Fish
10 months, 1 week ago[Removed]
11 months, 3 weeks ago