Certified Ethical Hacker (CEH v11) — Question 167

Your company performs penetration tests and security assessments for small and medium-sized business in the local area. During a routine security assessment, you discover information that suggests your client is involved with human trafficking.
What should you do?

Answer options

• A. Confront the client in a respectful manner and ask her about the data.
• B. Copy the data to removable media and keep it in case you need it.
• C. Ignore the data and continue the assessment until completed as agreed.
• D. Immediately stop work and contact the proper legal authorities.

Correct answer: D

Explanation

The correct answer is D because reporting potential human trafficking to the authorities is mandatory and prioritizes the safety of individuals involved. Option A is inappropriate as confronting the client could alert them and hinder an investigation. Option B is unethical and potentially illegal as it involves mishandling sensitive information. Option C is also irresponsible as it ignores the gravity of the situation.