A security company has been contracted to perform a scoped insider-threat assessment to try to gain access to the human resources server that houses PII and salary data. The penetration testers have been given an internal network starting position.
Which of the following actions, if performed, would be ethical within the scope of the assessment?
A . Exploiting a configuration weakness in the SQL database
B . Intercepting outbound TLS traffic
C . Gaining access to hosts by injecting malware into the enterprise-wide update server
D . Leveraging a vulnerability on the internal CA to issue fraudulent client certificates
E . Establishing and maintaining persistence on the domain controller
Answer: A
Latest PT0-002 Dumps Valid Version with 110 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund