Which of the following is a PRIMARY benefit of using a formalized security testing report format and structure?

– by 2

Which of the following is a PRIMARY benefit of using a formalized security testing report format and structure?
A. Executive audiences will understand the outcomes of testing and most appropriate next steps for corrective actions to be taken
B. Technical teams will understand the testing objectives, testing strategies applied, and business risk associated with each vulnerability
C. Management teams will understand the testing objectives and reputational risk to the organization
D. Technical and management teams will better understand the testing objectives, results of each test phase, and potential impact levels

Download Printable PDF. VALID exam to help you PASS.

2 thoughts on “Which of the following is a PRIMARY benefit of using a formalized security testing report format and structure?

  1. I think “A” is the executive summary.
    Senior management does not need to understand detailed skills.
    They need information about their business risks and need to understand the issues they need to make decisions about.
    The Executive Summary is a concise, clear report to be produced after testing is complete.

    I am a penetration tester, and I have prepared an executive summary for senior management and a detailed report for management engineers as results reporting materials.
    A detailed report for administrative technicians is long enough to be omitted, but the main purpose is to be described in “D”.

    3
    Reply

  2. I can’t find the source of this answer… Why A is not incorrect, or Why D is best answer.
    I would appreciate if someone give the explanation.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.