CompTIA CASP+ (CAS-003) — Question 114
Following a recent data breach, a company has hired a new Chief Information Security Officer (CISO). The CISO is very concerned about the response time to the previous breach and wishes to know how the security team expects to react to a future attack. Which of the following is the BEST method to achieve this goal while minimizing disruption?
Answer options
- A. Perform a black box assessment.
- B. Hire an external red team audit.
- C. Conduct a tabletop exercise.
- D. Recreate the previous breach.
- E. Conduct an external vulnerability assessment.
Correct answer: C
Explanation
Conducting a tabletop exercise lets the security team collaboratively discuss and practice its response strategies in a low-pressure setting, which helps it prepare effectively for potential attacks. The other options, such as hiring a red team or performing external assessments, may provide insights, but they can disrupt normal operations and do not focus specifically on response strategy in a controlled manner.