CAS-005 Question #470: Real Exam Question with Answer & Explanation
The correct answer is B: Adversary emulation engagement.
Question
The ISAC for the retail industry recently released a report regarding social engineering tactics in which small groups create distractions for employees while other malicious individuals install advanced card skimmers on the payment systems. The Chief Information Security Officer (CISO) thinks that the security awareness training, technical control implementations, and governance already in place are adequate to protect against this threat. The board would like to test these controls. Which of the following should the CISO recommend?
Options
- A. Dark web monitoring
- B. Adversary emulation engagement
- C. Supply chain risk consultation
- D. Tabletop exercises
Explanation
Adversary emulation engagement involves simulating realistic attack scenarios, including social engineering tactics, to test the effectiveness of existing security controls and employee response in a controlled environment.