Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
You are a pen tester contracted to perform a vulnerability assessment on a client's PCI servers. Over the course of your assessment you set up a packet sniffer on that network segment and sniff incoming & outgoing TCP connections. During the course of this you notice some strange intermittent HTTP connections stemming from one of the servers to a known Command & Control server in Ukraine. On closer examination you determine that there is a .txt file being transferred each time.
What actions should you take?
Document it in your findings and continue your testing
Continue your pen testing and notify Senior Management by end of day
Try to logon to the server and remove the malware causing the connections manually
Stop the pen test immediately and alert the Senior Management in charge of the pen test
Answer: You should stop the pen test immediately and alert the Senior Management at the client site in charge of the pen test. This is the best and most ethical course of action as it is important to make management aware immediately if there is any possibility its systems or data have been compromised.
Train with Skillset and pass your certification exam. Faster. Guaranteed.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.