CompTIA CASP+ (CAS-004) — Question 248

A company has retained the services of a consultant to perform a security assessment. As part of the assessment, the consultant recommends engaging with others in the industry to collaborate in regards to emerging attacks. Which of the following would BEST enable this activity?

Answer options

• A. ISAC
• B. OSINT
• C. CVSS
• D. Threat modeling

Correct answer: A

Explanation

The correct answer is ISAC, which stands for Information Sharing and Analysis Center, designed specifically for industries to share information about cyber threats and vulnerabilities. OSINT refers to Open Source Intelligence, which is useful for gathering data but does not facilitate industry collaboration. CVSS is a scoring system for vulnerabilities, and Threat modeling is a process for identifying potential security threats but does not directly relate to collaboration.