CompTIA CASP+ (CAS-003) — Question 363

Which of the following BEST represents a risk associated with merging two enterprises during an acquisition?

Answer options

• A. The consolidation of two different IT enterprises increases the likelihood of the data loss because there are now two backup systems
• B. Integrating two different IT systems might result in a successful data breach if threat intelligence is not shared between the two enterprises
• C. Merging two enterprise networks could result in an expanded attack surface and could cause outages if trust and permission issues are not handled carefully
• D. Expanding the set of data owners requires an in-depth review of all data classification decisions, impacting availability during the review

Correct answer: C

Explanation

The correct answer, C, highlights that merging networks can increase vulnerabilities and lead to outages if trust and permissions are not properly established. Option A is incorrect because it focuses on data loss from backup systems rather than security risks. Option B is misleading, as it suggests a breach is dependent solely on threat intelligence sharing, which is not the main concern during a merger. Option D addresses data classification but does not directly relate to the security risks of network integration.