ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CS0-003 All Questions

View all questions & answers for the CS0-003 exam
Go to Exam

Exam CS0-003 topic 1 question 242 discussion

Actual exam question from CompTIA's CS0-003
Question #: 242
Topic #: 1
[All CS0-003 Questions]

A Chief Information Security Officer (CISO) is concerned that a specific threat actor who is known to target the company’s business type may be able to breach the network and remain inside of it for an extended period of time. Which of the following techniques should be performed to meet the CISO’s goals?

  • A. Vulnerability scanning
  • B. Adversary emulation
  • C. Passive discovery
  • D. Bug bounty
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Chiniwini at July 28, 2024, 3:06 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
gomet2000
10 months, 2 weeks ago
Selected Answer: B
Adversary emulation involves simulating the tactics, techniques, and procedures (TTPs) of specific threat actors that are known to target an organization or its industry. By doing so, the organization can assess its ability to detect, respond to, and recover from a breach by these threat actors. This approach allows the security team to see how well the existing defenses work against realistic threats and to identify gaps where improvements are needed. This technique is particularly useful when the concern is not just about whether a breach can occur, but how long an attacker could remain undetected in the network, which aligns with the CISO's concern. The other options, while useful in different contexts, do not directly address the CISO's specific concern.
upvoted 4 times
...
Chiniwini
11 months, 1 week ago
Selected Answer: B
Adversary emulation involves simulating the tactics, techniques, and procedures (TTPs) of known threat actors to test the effectiveness of an organization’s defenses. By emulating the specific threat actor that targets the company’s business type, the organization can better understand how the attacker might breach the network and what actions they might take once inside. This helps in improving detection and response capabilities.
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel