CompTIA PenTest+ (PT0-003) — Question 71

Which of the following should a penetration tester do when conducting post-engagement cleanup?

Answer options

• A. Return the system to its original state.
• B. Close any open ports.
• C. Shut down the infected system.
• D. Delete all activity logs.

Correct answer: A

Explanation

The correct answer is A, as returning the system to its original state ensures that no traces of the testing remain, thus maintaining the integrity of the system. Options B, C, and D are not appropriate as they focus on shutting down or altering the system in ways that do not align with proper post-engagement procedures.