CompTIA Security+ (SY0-601) — Question 333

Which of the following would a security analyst use to determine if other companies in the same sector have seen similar malicious activity against their systems?

Answer options

• A. Vulnerability scanner
• B. Open-source intelligence
• C. Packet capture
• D. Threat feeds

Correct answer: D

Explanation

Threat feeds provide aggregated intelligence about threats and malicious activities that have affected various organizations, making them crucial for understanding sector-wide trends. In contrast, vulnerability scanners identify security weaknesses within a specific system, open-source intelligence gathers publicly available data, and packet capture focuses on network traffic analysis, none of which directly inform about industry-wide malicious trends.