CompTIA
PK0-004 · Question #230
PK0-004 Question #230: Real Exam Question with Answer & Explanation
The correct answer is A: Incident response. Suspicious code discovered during a software test signals a potential security threat or unauthorized modification, which is the type of event that initiates the incident response process.
Question
A quality auditor finds suspicious code during a software test. For which of the following could this be a trigger?
Options
- A. Incident response
- B. Quality control
- C. Resource changes
- D. Business continuity response
Explanation
Suspicious code discovered during a software test signals a potential security threat or unauthorized modification, which is the type of event that initiates the incident response process.
Common mistakes.
- B. Quality control inspects deliverables against predetermined quality standards; suspicious code implies a security threat that exceeds the scope of a standard quality defect.
- C. Resource changes refer to modifications in personnel or project assets and are unrelated to detecting potentially malicious code.
- D. Business continuity response addresses maintaining operations during a major disruption or disaster, not a targeted code-level security finding.
Concept tested. Incident response triggers from suspicious software findings
Reference. https://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-61r2.pdf