CompTIA PenTest+ (PT0-002) — Question 254
During an assessment, a penetration tester found a web component with no authentication requirements. The web component also allows file uploads and is hosted on one of the target public web servers. Which of the following actions should the penetration tester perform next?
Answer options
- A. Continue the assessment and mark the finding as critical.
- B. Attempt to remediate the issue temporarily.
- C. Notify the primary contact immediately.
- D. Shut down the web server until the assessment is finished.
Correct answer: C
Explanation
An unauthenticated file upload on a public-facing server is a finding that an attacker can exploit with little effort (uploading a web shell or other malicious content requires no credentials), so it is the kind of critical, actively exploitable exposure that the rules of engagement normally require the tester to report to the primary contact as soon as it is confirmed, rather than hold for the final report. Continuing the assessment and only marking the finding as critical (A) documents the issue but defers that communication, leaving the client exposed in the meantime. Attempting a temporary fix (B) or shutting down the server (D) would change the client's production environment and exceed the tester's authority; those decisions belong to the client, which can only make them once it has been informed. Immediate notification is therefore the correct next step.