Certified Ethical Hacker (CEH) — Question 112

A security consultant is trying to bid on a large contract that involves penetration testing and reporting. The company accepting bids wants proof of work so the consultant prints out several audits that have been performed. Which of the following is likely to occur as a result?

Answer options

• A. The consultant will ask for money on the bid because of great work.
• B. The consultant may expose vulnerabilities of other companies.
• C. The company accepting bids will want the same type of format of testing.
• D. The company accepting bids will hire the consultant because of the great work performed.

Correct answer: B

Explanation

The correct answer is B because sharing past audit reports may inadvertently disclose vulnerabilities that were identified in other companies, potentially compromising their security. Options A, C, and D do not address the risks associated with revealing sensitive information about previous clients, making them less relevant in this context.