CompTIA PenTest+ (PT0-002) — Question 207
Which of the following best describes why a client would hold a lessons-learned meeting with the penetration-testing team?
Answer options
- A. To provide feedback on the report structure and recommend improvements
- B. To discuss the findings and dispute any false positives
- C. To determine any processes that failed to meet expectations during the assessment
- D. To ensure the penetration-testing team destroys all company data that was gathered during the test
Correct answer: C
Explanation
The correct answer is C because a lessons-learned meeting focuses on evaluating what went right or wrong during the assessment, particularly with respect to processes. Options A and B relate to feedback and disputes, but neither addresses the primary goal of assessing failures, and D is not relevant to the purpose of a lessons-learned meeting.