CompTIA PenTest+ (PT0-002) — Question 117

During the scoping phase of an assessment, a client requested that any remote code exploits discovered during testing would be reported immediately so the vulnerability could be fixed as soon as possible. The penetration tester did not agree with this request, and after testing began, the tester discovered a vulnerability and gained internal access to the system. Additionally, this scenario led to a loss of confidential credit card data and a hole in the system. At the end of the test, the penetration tester willfully failed to report this information and left the vulnerability in place. A few months later, the client was breached and credit card data was stolen. After being notified about the breach, which of the following steps should the company take NEXT?

Answer options

• A. Deny that the vulnerability existed
• B. Investigate the penetration tester.
• C. Accept that the client was right.
• D. Fire the penetration tester.

Correct answer: B

Explanation

The correct action is to investigate the penetration tester because their failure to report a critical vulnerability directly contributed to the breach. Denying the vulnerability or claiming the client was right does not address the root cause of the issue. Firing the penetration tester may be necessary eventually, but understanding their actions is the immediate priority.