CompTIA PenTest+ (PT0-002) — Question 281

A client claims that a ransomware attack has crippled its corporate network following a penetration test assessment. Which of the following is the most likely root cause of this issue?

Answer options

• A. Client reluctance to accept findings
• B. Lack of attestation
• C. Incomplete data destruction process
• D. Failure to remove tester-created credentials

Correct answer: D

Explanation

The correct answer is D because failure to remove tester-created credentials can leave the network vulnerable to exploitation, which may lead to a ransomware attack. Options A and B do not directly relate to the security of the network, while C pertains to data management rather than the specific vulnerabilities created by penetration testing.