CompTIA PenTest+ (PT0-001) — Question 91

A company performed an annual penetration test of its environment. In addition to several new findings, all of the previously identified findings persisted on the latest report. Which of the following is the MOST likely reason?

Answer options

• A. Infrastructure is being replaced with similar hardware and software.
• B. Systems administrators are applying the wrong patches.
• C. The organization is not taking action to remediate identified findings.
• D. The penetration testing tools were misconfigured.

Correct answer: C

Explanation

The most likely reason for the persistent findings is that the organization is not taking action to remediate identified findings, which is option C. Options A, B, and D suggest external factors or misconfigurations that would not directly explain the lack of remediation for previously identified issues.