During a penetration testing engagement, you uncover evidence that an employee of the client organization is covertly exfiltrating sensitive customer data. Which of the following actions is the BEST course of action in alignment with professional and ethical standards?
Confront the employee directly to deter further data exfiltration.
Report the finding immediately to the appropriate point of contact within the client organization.
Ignore the finding as it is not within the original scope of the engagement.
Collect more evidence before reporting to make the case stronger.
Wait until the end of the engagement to report the finding in the final report.
Discuss the situation with fellow team members to decide on a proper course of action.
The immediate reporting of the discovered criminal activity to the appropriate point of contact within the client organization is the best course of action because it adheres to professional and ethical standards of conduct, ensuring that potential criminal activity is addressed promptly and through the proper channels. Delaying reporting, confronting the employee directly, or discussing with peers could lead to potential complications, legal issues, or breaches of the scope of engagement and confidentiality agreements.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is it important to report findings immediately during a penetration test?
Open an interactive chat with Bash
What are some professional and ethical standards for penetration testers?
Open an interactive chat with Bash
What should a penetration tester include in their report after discovering unethical behavior?