nerdexam
(ISC)2

CAP · Question #156

Security Test and Evaluation (ST&E) is a component of risk assessment. It is useful in discovering system vulnerabilities. For what purposes is ST&E used? Each correct answer represents a complete sol

Sign in or unlock CAP to reveal the answer and full explanation for question #156. The question stem and answer options stay visible for context.

Assessment/Audit of Security and Privacy Controls

Question

Security Test and Evaluation (ST&E) is a component of risk assessment. It is useful in discovering system vulnerabilities. For what purposes is ST&E used? Each correct answer represents a complete solution. Choose all that apply.

Options

  • ATo implement the design of system architecture
  • BTo determine the adequacy of security mechanisms, assurances, and other properties to
  • CTo assess the degree of consistency between the system documentation and its implement
  • DTo uncover design, implementation, and operational flaws that may allow the violation of

Unlock CAP to see the answer

You've previewed enough free CAP questions. Unlock CAP for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Topics

#Security Testing#System Evaluation#Vulnerability Discovery#Security Controls Assessment
Full CAP Practice