After compromising a system during a penetration testing engagement, all penetration work should be cleaned up, including extra files, system changes, and modified logs. The media sanitation methodology should be discussed with the client and the owner of the affected systems. What document guides media sanitation?

Oct 10, 2023 Last Updated: Oct 10, 2023 No Comments
Tweet Share Pin it
IT Questions BankCategory: Ethical HackerAfter compromising a system during a penetration testing engagement, all penetration work should be cleaned up, including extra files, system changes, and modified logs. The media sanitation methodology should be discussed with the client and the owner of the affected systems. What document guides media sanitation?

After compromising a system during a penetration testing engagement, all penetration work should be cleaned up, including extra files, system changes, and modified logs. The media sanitation methodology should be discussed with the client and the owner of the affected systems. What document guides media sanitation?

  • NIST SP 800-88
  • OWASP ZAP
  • OSSTMM
  • PCI DSS

Explanation: After a penetration testing engagement is complete, all the systems should be cleaned up. Logs should be suppressed, user accounts deleted, and any files that were created as well. A secure deletion method may be preferred. NIST Special Publication 800-88, Revision 1: "Guidelines for Media Sanitization," guides media sanitation. This methodology should be discussed with the client and the owner of the affected systems.

Exam with this question: 8.3.3 Quiz - Performing Post-Exploitation Techniques Answers

Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments