CompTIA PenTest+ (PT0-002) — Question 307

In a standard engagement, a post-report document is provided outside of the report. This document:

• Does not contain specific findings
• Exposes vulnerabilities
• Can be shared publicly with outside parties that do not have an in-depth understanding about the client's network

Which of the following documents is described?

Answer options

• A. Attestation letter
• B. Findings report
• C. Executive summary
• D. Non-disclosure agreement

Correct answer: C

Explanation

The correct answer is C, the Executive summary, as it summarizes key points without revealing specific findings and is intended for a broader audience. The Attestation letter (A) typically verifies compliance or standards, the Findings report (B) includes detailed vulnerabilities and findings, and the Non-disclosure agreement (D) is a legal document preventing the sharing of sensitive information.