CISA Certified Information Systems Auditor – Question1611 - CISA Certified Information Systems Auditor

When conducting a penetration test of an IT system, an organization should be MOST concerned with:

A. the confidentiality of the report.
B. finding all possible weaknesses on the system.
C. restoring all systems to the original state.
D. logging all changes made to the production system.

Correct Answer: C

Explanation:

Explanation:
All suggested items should be considered by the system owner before agreeing to penetration tests, but the most important task is to be able to restore all systems to their original state.
Information that is created and/or stored on the tested systems should be removed from these systems. If for some reason, at the end of the penetration test, this is not possible, all files (with their location) should be identified in the technical report so that the client’s technical staff will be able to remove these after the report has been received.