CompTIA PenTest+ (PT0-003) — Question 139

Which of the following elements of a penetration test report can be used to most effectively prioritize the remediation efforts for all the findings?

Answer options

• A. Methodology
• B. Detailed findings list
• C. Risk score
• D. Executive summary

Correct answer: C

Explanation

The risk score provides a quantifiable measure of the severity and potential impact of each finding, allowing teams to prioritize their remediation efforts effectively. In contrast, the methodology outlines the testing process, the detailed findings list presents the issues identified, and the executive summary gives an overview, but none of these directly aid in prioritization like the risk score does.