What is NOT a common part of a cleanup process after a penetration test?

Rootkits are malicious software that are designed to hide their presence and maintain unauthorized access to a system. In a penetration test, the objective is to identify vulnerabilities and assess the security of a system, including the detection and removal of any rootkits or other security threats. Therefore, the standard practice is to remove any rootkits discovered during the test rather than restoring them to their original settings.