PT0-002 • Practice Test 35
Free PT0-002 practice test — 15 questions with explanations. Set 35. No signup required.
You are conducting a penetration test for a financial institution. The rules of engagement specify that you are not to access any production customer data. During the test, you discover a SQL injection vulnerability in a public-facing web application that allows you to extract customer personally identifiable information (PII). You successfully demonstrate the injection but do not extract any actual PII. According to ethical guidelines and the rules of engagement, what is the appropriate course of action?