PT0-003 · Question #279
PT0-003 Question #279: Real Exam Question with Answer & Explanation
The correct answer is B: Screenshots. Penetration Test Report: Supporting Evidence Screenshots serve as direct, visual evidence that supports and validates a tester's detailed findings - they provide irrefutable proof that a vulnerability was successfully exploited, showing exactly what the tester observed during the
Question
Which of the following should be included in a penetration test report to support the tester's detailed findings?
Options
- AMethodologies
- BScreenshots
- CVulnerabilities
- DRemediations
Explanation
Penetration Test Report: Supporting Evidence
Screenshots serve as direct, visual evidence that supports and validates a tester's detailed findings - they provide irrefutable proof that a vulnerability was successfully exploited, showing exactly what the tester observed during the test. Without supporting evidence like screenshots, findings remain unverified claims that clients and stakeholders may question or dispute.
Why the distractors are wrong:
- Methodologies (A) are included in a pentest report, but they describe the approach taken (e.g., OWASP, PTES) - they support the process, not the specific detailed findings themselves
- Vulnerabilities (C) are the actual findings themselves, not the supporting evidence for those findings
- Remediations (D) are recommendations for fixing issues and appear in a separate section of the report, not as supporting evidence for findings
The key distinction in this question is the phrase "support the tester's detailed findings" - supporting evidence must be concrete proof, which is exactly what screenshots provide.
🧠 Memory Tip: Think of a penetration test report like a court case - your findings are the accusations, but screenshots are the photographs/evidence that prove your case. You need proof, not just descriptions!
Topics
Community Discussion
No community discussion yet for this question.