CompTIA Security+ (SY0-601) — Question 121

An organization’s Chief Security Officer (CSO) wants to validate the business’s involvement in the incident response plan to ensure its validity and thoroughness. Which of the following will the CSO MOST likely use?

Answer options

• A. An external security assessment
• B. A bug bounty program
• C. A tabletop exercise
• D. A red-team engagement

Correct answer: C

Explanation

The correct answer is C, a tabletop exercise, as it allows for a simulated scenario where team members discuss their roles and responses in an incident, ensuring the plan is effective. The other options, such as an external security assessment and a red-team engagement, focus on testing the security posture rather than validating the incident response plan, while a bug bounty program is aimed at identifying vulnerabilities through external researchers.