(ISC)2(ISC)2
CAP · Question #156
CAP Question #156: Real Exam Question with Answer & Explanation
The correct answer is B: To determine the adequacy of security mechanisms, assurances, and other properties to. See the full explanation below for the reasoning.
Assessment/Audit of Security and Privacy Controls
Question
Security Test and Evaluation (ST&E) is a component of risk assessment. It is useful in discovering system vulnerabilities. For what purposes is ST&E used? Each correct answer represents a complete solution. Choose all that apply.
Options
- ATo implement the design of system architecture
- BTo determine the adequacy of security mechanisms, assurances, and other properties to
- CTo assess the degree of consistency between the system documentation and its implement
- DTo uncover design, implementation, and operational flaws that may allow the violation of
Topics
#Security Testing#System Evaluation#Vulnerability Discovery#Security Controls Assessment
Community Discussion
No community discussion yet for this question.