CompTIA PenTest+ (PT1-002) — Question 78

A company becomes concerned when the security alarms are triggered during a penetration test. Which of the following should the company do NEXT?

Answer options

• A. Halt the penetration test.
• B. Conduct an incident response.
• C. Deconflict with the penetration tester.
• D. Assume the alert is from the penetration test.

Correct answer: C

Explanation

The correct answer is C because coordinating with the penetration tester can clarify whether the alarms are a result of the test or a genuine threat. Halting the test (A) or conducting an incident response (B) may not be necessary unless confirmed, and assuming the alert is part of the test (D) could lead to ignoring a real security issue.