CompTIA PT0-003 Exam - Topic 1 Question 34 Discussion

Actual exam question for CompTIA's PT0-003 exam

Question #: 34
Topic #: 1

A tester is finishing an engagement and needs to ensure that artifacts resulting from the test are safely handled. Which of the following is the best procedure for maintaining client data privacy?

ARemove configuration changes and any tools deployed to compromised systems.

BSecurely destroy or remove all engagement-related data from testing systems.

CSearch through configuration files changed for sensitive credentials and remove them.

DShut down C2 and attacker infrastructure on premises and in the cloud.

Show Suggested Answer

Suggested Answer: B

At the end of a penetration test, handling sensitive data properly ensures compliance with legal, regulatory, and ethical guidelines.

Securely destroy or remove all engagement-related data (Option B):

Ensures confidentiality of test results.

Prevents unauthorized access to client information.

Methods include secure wiping tools (shred, sdelete), and encrypted storage deletion.

Incorrect options:

Option A (Remove configuration changes): Necessary but does not ensure complete data destruction.

Option C (Search for sensitive credentials): Important but does not address all artifacts.

Option D (Shut down C2 infrastructure): Important for OPSEC but does not address client data privacy.

by Lavonda at Apr 01, 2026, 04:56 AM

Limited Time Offer

25%

2 months ago

I think option B makes the most sense since securely destroying data is crucial for privacy. But I'm not entirely sure if that's the only step needed.

upvoted 0 times

...