The correct answer is C.
OBJ-1.3: Scope creep is the condition that occurs when a client requests additional services after a SOW has been signed, and the project scope has been documented. This is not a condition that is limited to penetration testing, either. Practically every project manager or building contractor can provide examples of scope creep that happened with various projects. The big problem with scope creep is that it takes resources away from those documented in the SOW. It can also become a source of contention when it comes time to bill the client or complete the engagement.