CompTIA CASP+ (CAS-004) — Question 89

An organization recently experienced a ransomware attack. The security team leader is concerned about the attack reoccurring. However, no further security measures have been implemented.
Which of the following processes can be used to identify potential prevention recommendations?

Answer options

• A. Detection
• B. Remediation
• C. Preparation
• D. Recovery

Correct answer: C

Explanation

The correct answer is C, Preparation, as it focuses on establishing measures and strategies to prevent future attacks. Detection involves identifying threats, Remediation is about fixing issues after an attack, and Recovery pertains to restoring systems post-incident, none of which directly address prevention.