3d • 🙋♂️ CISSP
CISSP Question ( like real)
A multinational managed security service provider is conducting an authorized red-team assisted assessment for a client operating in multiple jurisdictions. During covert infrastructure mapping inside a sandboxed forensic workspace, the tester finds encrypted archives stored in a hidden directory. Metadata analysis suggests the archives may contain illegal high-risk content unrelated to the engagement scope. The client's operations director insists that the tester ignore the discovery because the engagement contract contains a strict non-expansion clause limiting investigation to predefined assets. What is the best course of action?
A. Preserve relevant evidence and report the finding to law enforcement authorities.
B. Immediately destroy the files to eliminate operational risk for the client.
C. Notify only ISC2 and wait for official direction.
D. Continue testing only within the original asset scope and ignore the discovered data.
0
3 comments
CISSP Question ( like real)
skool.com/cybersecurity-study-group
Share resources, get advice, and connect with peers studying cybersecurity. Join our CISSP study group and connect with fellow professionals today!
Leaderboard (30-day)
1
+34
2
+31
3
+28
4
+26
5
+25
Powered by