CompTIA CASP+ (CAS-004) — Question 470
During an adversarial simulation exercise, an external team was able to gain access to sensitive information and systems without the organization detecting this activity. Which of the following mitigation strategies should the organization use to best resolve the findings?
Answer options
- A. Configuring a honeypot for adversary characterization
- B. Leveraging simulators for attackers
- C. Setting up a honey network for attackers
- D. Utilizing decoy accounts and documents
Correct answer: D
Explanation
The correct answer is D because utilizing decoy accounts and documents can mislead potential attackers and help detect unauthorized access attempts. Options A and C involve honeypots and honey networks, which are useful but do not directly address the issue of detecting intrusions. Option B focuses on simulators, which do not provide real-time detection or mitigation for actual threats.