CompTIA PenTest+ (PT0-001) — Question 136

A penetration tester used an ASP.NET web shell to gain access to a web application, which allowed the tester to pivot in the corporate network. Which of the following is the MOST important follow-up activity to complete after the tester delivers the report?

Answer options

• A. Removing shells
• B. Obtaining client acceptance
• C. Removing tester-created credentials
• D. Documenting lessons learned
• E. Presenting attestation of findings

Correct answer: E

Explanation

The most crucial follow-up activity is presenting attestation of findings, as it ensures that the client understands the vulnerabilities and the implications of the tester's work. While other options like removing shells and credentials are important for security, they do not address the need to formally communicate the results and ensure the client is aware of the findings.