CompTIA SecurityX (CAS-005) — Question 259

A security team is responding to malicious activity and needs to determine the scope of impact. The malicious activity appears to affect a certain version of an application used by the organization. Which of the following actions best enables the team to determine the scope of impact?

Answer options

• A. Performing a port scan
• B. Inspecting egress network traffic
• C. Reviewing the asset inventory
• D. Analyzing user behavior

Correct answer: C

Explanation

Reviewing the asset inventory is the best action because it helps the security team identify all instances of the affected application version within the organization. The other options, while useful for different purposes, do not directly provide information about the specific application versions in use across the organization.