CompTIA
CAS-003 · Question #397
CAS-003 Question #397: Real Exam Question with Answer & Explanation
Sign in or unlock CAS-003 to reveal the answer and full explanation for question #397. The question stem and answer options stay visible for context.
Question
A security analyst has been asked to create a list of external IT security concerns, which are applicable to the organization. The intent is to show the different types of external actors, their attack vectors, and the types of vulnerabilities that would cause business impact. The Chief Information Security Officer (CISO) will then present this list to the board to request funding for controls in areas that have insufficient coverage. Which of the following exercise types should the analyst perform?
Options
- ASummarize the most recently disclosed vulnerabilities.
- BResearch industry best practices and latest RFCs.
- CUndertake an external vulnerability scan and penetration test.
- DConduct a threat modeling exercise.
Unlock CAS-003 to see the answer
You've previewed enough free CAS-003 questions. Unlock CAS-003 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.