CompTIA PenTest+ (PT0-003) — Question 164

Given the following statements:
Implement a web application firewall.
Upgrade end-of-life operating systems.
Implement a secure software development life cycle.
In which of the following sections of a penetration test report would the above statements be found?

Answer options

• A. Executive summary
• B. Attack narrative
• C. Detailed findings
• D. Recommendations

Correct answer: D

Explanation

The correct answer is D, Recommendations, as this section typically offers suggestions for improving security based on the findings of the penetration test. The other options, such as Executive summary, Attack narrative, and Detailed findings, summarize or detail the test process and results rather than suggesting actions to take.