Which statement BEST defines lateral movement in a penetration test?

Lateral movement is the attacker’s process of moving from one compromised system to other systems within the network to expand access, often by using valid credentials or tokens to authenticate to neighboring hosts and continue discovery and exploitation. The statement that describes using valid credentials to access adjacent systems and continue enumeration best captures this behavior because it highlights hopping from one machine to another within the environment to map out the network, gain access to more assets, and extend control. This contrasts with escalating privileges on the same host, which is privilege escalation rather than movement across systems. Scanning external surfaces is external reconnaissance, not movement inside the network. Deleting security logs is a defense-evasion action, not movement between hosts.