Under the -Post-attack Phase and Activities-, it is the responsibility of the tester to restore the

Under the -Post-attack Phase and Activities-, it is the responsibility of the tester to restore the systems to a pre-test state.

Which of the following activities should not be included in this phase? (see exhibit)

Exhibit:

A. III

B. IV

C. III and IV

D. All should be included.

The post-attack phase revolves around returning any modified system(s) to the pretest state. Examples of such activities:

• Removal of any files, tools, exploits, or other test-created objects uploaded to the system during testing
• Removal or reversal of any changes to the registry made during system testing

References: Computer and Information Security Handbook, John R. Vacca (2012), page 531