CompTIA CASP+ (CAS-003) — Question 57

To prepare for an upcoming audit, the Chief Information Security Officer (CISO) asks for all 1200 vulnerabilities on production servers to be remediated. The security engineer must determine which vulnerabilities represent real threats that can be exploited so resources can be prioritized to mitigate the most dangerous risks. The CISO wants the security engineer to act in the same manner as would an external threat, while using vulnerability scan results to prioritize any actions.
Which of the following approaches is described?

Answer options

Correct answer: C

Explanation

The correct answer is C, Black box, which refers to a testing approach in which the tester has no prior knowledge of the internal workings of the application or system, simulating an external threat. The other options do not describe this approach: Blue team and Red team refer to defensive and offensive security roles, respectively, and a White team typically oversees and evaluates the exercise rather than acting as an external threat.