Which of the following actions should the tester take?
A red-team tester has been contracted to emulate the threat posed by a malicious insider on a company’s network, with the constrained objective of gaining access to sensitive personnel files. During the assessment, the red-team tester identifies an artifact indicating possible prior compromise within the target environment.
Which of the following actions should the tester take?
A . Perform forensic analysis to isolate the means of compromise and determine attribution.
B . Incorporate the newly identified method of compromise into the red team’s approach.
C . Create a detailed document of findings before continuing with the assessment.
D . Halt the assessment and follow the reporting procedures as outlined in the contract.
Answer: D
Latest PT0-002 Dumps Valid Version with 110 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund