CompTIA CASP+ (CAS-004) — Question 88
A company's SOC has received threat intelligence about an active campaign utilizing a specific vulnerability. The company would like to determine whether it is vulnerable to this active campaign.
Which of the following should the company use to make this determination?
Answer options
- A. Threat hunting
- B. A system penetration test
- C. Log analysis within the SIEM tool
- D. The Cyber Kill Chain
Correct answer: B
Explanation
A system penetration test is the most effective way to actively evaluate whether the company is susceptible to the specific vulnerability mentioned in the threat intelligence. Threat hunting focuses on finding potential threats rather than testing vulnerabilities, while log analysis may not provide direct insight into the vulnerability itself. The Cyber Kill Chain is a framework for understanding attack stages but does not directly assess vulnerabilities.