CompTIA CySA+ (CS0-003) — Question 123

A manufacturer has hired a third-party consultant to assess the security of an OT network that includes both fragile and legacy equipment. Which of the following must be considered to ensure the consultant does no harm to operations?

Answer options

• A. Employing Nmap Scripting Engine scanning techniques
• B. Preserving the state of PLC ladder logic prior to scanning
• C. Using passive instead of active vulnerability scans
• D. Running scans during off-peak manufacturing hours

Correct answer: C

Explanation

The correct answer is C, as using passive vulnerability scans does not actively interact with the network, minimizing the risk of disrupting sensitive operations. Options A and B involve techniques that could potentially alter or damage the operational environment, while D, although safer, does not prevent the risk associated with active scans.