CompTIA PenTest+ (PT1-002) — Question 48
Which of the following BEST describes why a client would hold a lessons-learned meeting with the penetration-testing team?
Answer options
- A. To provide feedback on the report structure and recommend improvements
- B. To discuss the findings and dispute any false positives
- C. To determine any processes that failed to meet expectations during the assessment
- D. To ensure the penetration-testing team destroys all company data that was gathered during the test
Correct answer: C
Explanation
C is correct: a lessons-learned meeting evaluates which processes fell short during the penetration test, which is crucial for improving future assessments. Option A focuses on feedback about the report structure, which is less critical than understanding process failures. Option B deals with disputing findings rather than learning from the overall process. Option D is irrelevant because data destruction is typically a standard procedure and not the focus of a lessons-learned meeting.