Final answer:
After completing the scope of penetration testing, a formal report needs to be submitted and the client needs to agree with the findings.
Step-by-step explanation:
When performing penetration testing, the next step after completing the scope is to compile a formal report. This report should include a detailed analysis of the findings and vulnerabilities discovered during the testing process.
When writing the report, it's important to structure it in a way that is clear and easy to understand. This can include sections such as an executive summary, methodology, findings, recommendations, and a conclusion.
Once the report is complete, it should be submitted to the client for review. It is important to communicate the findings and explain the potential risks or weaknesses in a professional and concise manner. Achieving client agreement may involve discussing the report with them, addressing any questions or concerns they may have, and providing further clarification if needed.