In an unprotected network file repository, a penetration tester discovers a text file containing usernames and passwords in cleartext and a spreadsheet containing data for 50 employees, including full names, roles, and serial numbers. The tester realizes some of the passwords in the text file follow the format:
Which of the following would be the best action for the tester to take NEXT with this information?
The best action for the tester to take next with the discovered information is to document the unprotected file repository as a finding in the penetration-testing report. This step is essential to ensure that the client is aware of the significant security vulnerability related to the exposed sensitive data, including usernames, passwords, full names, roles, and serial numbers. Documenting the finding promptly provides a clear record of the issue, allowing the client to take appropriate corrective measures, such as securing access to the repository, implementing encryption, and establishing robust data governance policies. Subsequent recommendations, such as using password managers or configuring password complexity rules, would be part of the remediation steps suggested in the final report.
This is the SAME QUESTION from #207 and we have different answers....
D. Document the unprotected file repository as a finding in the penetration-testing report. The best action for the tester to take with this information would be to document the unprotected file repository as a finding in the penetration testing report. The tester should advise the client about the sensitive data that is exposed in the text file and the spreadsheet, including the usernames and passwords in cleartext, full names, roles, and serial numbers. By highlighting this vulnerability, the client will be able to take appropriate measures to secure their sensitive data, such as by protecting the file repository with proper access controls, implementing encryption, and putting in place a data governance policy. Creating a custom password dictionary as preparation for password spray testing is not a good action, as the passwords format has been revealed and they should be changed. Recommend using a password manager/vault instead of text files to store passwords securely, is a good action but is not the first step. Recommend configuring password complexity rules in all the systems and applications is a good action but is not the first step.
Your a penetration tester i believe you go through with testing and do A
D answer is correct
D - Document the unprotected file repository as a finding should be what the tester should do next. B - Is incorrect as the next thing the tester should do. Answer B - should form part of the remediation recommended by the tester after the penetration testing.
Yes D is correct answer
While all the given options may be relevant at different stages of the penetration testing process, the best action to take NEXT after discovering sensitive information in an unprotected network file repository is to document the finding. Documenting the findings as they are discovered ensures that all relevant information is captured and that the client is provided with accurate and comprehensive details about the security issues identified during the test. Recommendations for improving security, such as using a password manager/vault or configuring password complexity rules, would typically be included in the final report or discussed with the client after the testing is completed. So, the correct answer is: D. Document the unprotected file repository as a finding in the penetration-testing report.
A is surely the correct answer. The question asks what is the Next action to take, therefore the test proceeds. A is correct.
Document, document, document. Document every finding.
Why are you spraying? You have employee names, serials, and passwords. Why spray "John Doe's" password across all accounts if you know its John's password?
Also it says what would be the best action to take "NEXT" the caps are very important. Document then spray if you want.
D is correct