CompTIA PenTest+ PT0-002 – Question087

Which of the following should a penetration tester do NEXT after identifying that an application being tested has already been compromised with malware?

A.
Analyze the malware to see what it does.
B. Collect the proper evidence and then remove the malware.
C. Do a root-cause analysis to find out how the malware got in.
D. Remove the malware immediately.
E. Stop the assessment and inform the emergency contact.

Correct Answer: D