CompTIA CASP+ (CAS-003) — Question 230
A manufacturing company's security engineer is concerned a remote actor may be able to access the ICS that is used to monitor the factory lines. The security engineer recently proposed some techniques to reduce the attack surface of the ICS to the Chief Information Security Officer (CISO). Which of the following would BEST track the reductions to show the CISO the engineer's plan is successful during each phase?
Answer options
- A. Conducting tabletop exercises to evaluate system risk
- B. Contracting a third-party auditor after the project is finished
- C. Performing pre- and post-implementation penetration tests
- D. Running frequent vulnerability scans during the project
Correct answer: C
Explanation
Performing pre- and post-implementation penetration tests (Option C) is the most effective way to show the CISO that the engineer's measures are working, because a penetration test directly exercises the attack surface in question: it demonstrates what a remote actor could reach and do before a change, and what is no longer reachable or exploitable after it. Repeating the test at each phase of the project gives the CISO a measured, like-for-like comparison of the reductions achieved.

The other options are useful but do not provide the same evidence. Tabletop exercises (A) evaluate how people and processes would respond to a scenario; they do not measure whether the technical attack surface has changed. A third-party audit after the project is finished (B) arrives too late to track progress during each phase and typically assesses compliance with controls rather than demonstrating what an attacker can actually reach. Frequent vulnerability scans (D) only enumerate known weaknesses on hosts that respond to the scanner; they do not show whether an external actor can reach the ICS at all, and active scanning of ICS/OT equipment can itself disrupt fragile devices, so it is often restricted in production environments. For the same reason, any penetration testing of an ICS must be tightly scoped and coordinated with operations staff, ideally against a test or staging segment, so that the assessment does not interfere with the factory lines it is meant to protect.