CompTIA PenTest+ (PT1-002) — Question 35

Which of the following are the MOST important items to include in the final report for a penetration test? (Choose two.)

Answer options

• A. The CVSS score of the finding
• B. The network location of the vulnerable device
• C. The vulnerability identifier
• D. The client acceptance form
• E. The name of the person who found the flaw
• F. The tool used to find the issue

Correct answer: B, C

Explanation

The network location of the vulnerable device (B) and the vulnerability identifier (C) are crucial for understanding the specific risks and how to address them. Other options like the CVSS score (A) and the name of the person who found the flaw (E) may provide context but do not directly assist in remediation, while the tool used (F) is less relevant to the report's final actionable insights.