CompTIA PenTest+ (PT0-003) — Question 156

Which of the following components should a penetration tester include in an assessment report?

Answer options

• A. User activities
• B. Customer remediation plan
• C. Key management
• D. Attack narrative

Correct answer: D

Explanation

The correct answer, D, 'Attack narrative,' is essential as it provides a detailed account of the penetration testing process, including the methods used and vulnerabilities exploited. Options A, B, and C, while important in their own right, do not specifically outline the technical details of the assessment process, making them less relevant for inclusion in the main report.