PT0-003
Post-Exploitation and Lateral Movement
hard
Question 4 of 14

After completing a penetration test, a tester is in the cleanup phase and wants to remove all artifacts left on compromised systems. Which artifact type is MOST critical to remove to reduce evidence of the engagement?

ATemporary files created during enumeration
BWeb shells, backdoors, and persistence mechanisms installed during the test
CLog files generated by legitimate system services
DThe target's firewall rules

More Post-Exploitation and Lateral Movement Questions

14 questions

Full CompTIA PenTest+ Practice Test

All topics covered

All CompTIA PenTest+ Questions

Browse by topic

Related Questions

Which term describes the technique of maintaining access to a compromised system across reboots or c...

easy

A penetration tester has compromised a Windows workstation in a domain environment and wants to move...

medium

After compromising a Linux web server, a penetration tester wants to establish persistence without c...

hard

A penetration tester has compromised a host within a target network and wants to access an internal ...

medium

A penetration tester has gained access to a Windows domain environment and uses BloodHound to analyz...

hard
View all Post-Exploitation and Lateral Movement questions

Educational Content — CertQnA practice questions are written against official exam objectives, covering the same domains tested on the real exam. All content is original and independent — not actual exam questions, not affiliated with any certification vendor. Learn more about our content policy

Discussion

Be the first to share your understanding of this concept

⚠️ Discussion is for concept clarification only. Do not share or request actual exam questions or answers.

Sign in to join the discussion

Sign InCreate free account