ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CAS-003 All Questions

View all questions & answers for the CAS-003 exam
Go to Exam

Exam CAS-003 topic 1 question 3 discussion

Actual exam question from CompTIA's CAS-003
Question #: 3
Topic #: 1
[All CAS-003 Questions]

A company's Chief Operating Officer (COO) is concerned about the potential for competitors to infer proprietary information gathered from employees' social media accounts.

Which of the following methods should the company use to gauge its own social media threat level without targeting individual employees?

  • A. Utilize insider threat consultants to provide expertise.
  • B. Require that employees divulge social media accounts.
  • C. Leverage Big Data analytical algorithms.
  • D. Perform social engineering tests to evaluate employee awareness.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by D1960 at Nov. 22, 2020, 5:30 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Neo2020
4 years, 4 months ago
dboy773 D would target a group of employees not individual employees.
upvoted 1 times
Trap_D0_r
4 years, 4 months ago
You can't social engineer a group of people, you have to do it one at a time. D would require you to target individual employees. A is the correct answer.
upvoted 2 times
D1960
4 years ago
You could send out a phishing email to group of employees. I don't know if that applies here. Maybe you could create a social media account, and ask about company information? You would not be targeting any individuals.
upvoted 1 times
...
...
...
D1960
4 years, 7 months ago
Maybe D. Perform social engineering tests to evaluate employee awareness? The answer: "Utilize insider threat consultants to provide expertise" tells us nothing about the method used to gauge social media threat. It simply suggests "let somebody else do it." Okay, but do *what* exactly? If "hire somebody else to do the job" is an acceptable answer, why not use that for everything?
upvoted 4 times
dboy773
4 years, 4 months ago
The question states: "without targeting individual employees" it can't be D because you would have to target your employees in order to perform social engineering tests. I would say A.
upvoted 3 times
D1960
3 years, 11 months ago
You do not have to target individuals in order to perform social engineering tests. You could send out a phishing email to all employees. You could create a fake social media account, and ask about company information.
upvoted 1 times
...
...
SoniSoni
3 years, 11 months ago
True, i was going to say A but your answer makes a lot of sense. now... what if group social engineering attacks count as individual attacks when counting the number of victims that fell for it though?
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel