CompTIA SecurityX (CAS-005) — Question 24

A retail organization wants to properly test and verify its capabilities to detect and/or prevent specific TTPs as mapped to the MITRE ATTACK framework specific to APTs. Which of the following should be used by the organization to accomplish this goal?

Answer options

• A. Tabletop exercise
• B. Penetration test
• C. Sandbox detonation
• D. Honeypot

Correct answer: B

Explanation

The correct answer is B, Penetration test, as it involves simulating real-world attacks to evaluate the organization's security measures against APT tactics, techniques, and procedures. Options A, C, and D do not provide the same level of direct, actionable insights into the organization's defenses against specific APTs, making them less suitable for this purpose.