CompTIA SecurityX (CAS-005) — Question 3

During an adversarial simulation exercise, an external team was able to gain access to sensitive information and systems without the organization detecting this activity. Which of the following mitigation strategies should the organization use to best resolve the findings?

Answer options

• A. Configuring a honeypot for adversary characterization
• B. Leveraging simulators for attackers
• C. Setting up a honey network for attackers
• D. Utilizing decoy accounts and documents

Correct answer: D

Explanation

Utilizing decoy accounts and documents is effective because it can misdirect attackers and provide insights into their methods without risking actual sensitive data. The other options, while useful in certain contexts, do not directly prevent access or detect intrusions in the same way that decoys can, making them less suitable for addressing the specific findings from the exercise.