CompTIA CySA+ (CS0-003) — Question 114

Which of the following is a useful tool for mapping, tracking, and mitigating identified threats and vulnerabilities with the likelihood and impact of occurrence?

Answer options

• A. Risk register
• B. Vulnerability assessment
• C. Penetration test
• D. Compliance report

Correct answer: A

Explanation

The correct answer is A, as a Risk register systematically records risks, assessing their likelihood and impact, which aids in managing threats. Options B and C focus on identifying vulnerabilities and testing security, respectively, without providing a comprehensive tracking mechanism. Option D relates to adherence to regulations rather than threat management.