Explanation should include
- differentiating between penetration testing and ethical hacking
- reviewing steps taken by a penetration tester
- verifying a threat exists
- bypassing security controls
- testing security controls
- exploiting vulnerabilities
- reviewing penetration testing techniques
- reconnaissance phase techniques
- initial exploitation
- persistence
- escalation of privileges and pivot.