CompTIA CASP+ (CAS-004) — Question 396

Following a successful exploitation of an RCE vulnerability during a penetration test, a systems administrator is performing remediation activities of the target system. Since the systems administrator was not involved in the planning process for the penetration test, a production server was inadvertently targeted and impacted by the actions of the penetration tester. Which of the following would be the most appropriate to reduce the impact of the penetration test in the future?

Answer options

• A. Leverage a purple team approach to refine scope definition.
• B. Exclude non-production systems from the penetration test.
• C. Implement a black-box approach for the penetration test.
• D. Include an intercepting proxy in the production environment.
• E. Rely on web application vulnerability scans instead of penetration testing.

Correct answer: A

Explanation

The correct answer is A because leveraging a purple team approach fosters collaboration between red (offensive) and blue (defensive) teams, leading to better-defined scopes and minimizing the risk of targeting production systems. The other options either suggest excluding systems that may need testing (B), adopting a less effective testing methodology (C), introducing unnecessary complexity (D), or relying solely on scans that may not catch all vulnerabilities (E).