CompTIA Security+ (SY0-701) — Question 236

An organization requests a third-party full-spectrum analysis of its supply chain. Which of the following would the analysis team use to meet this requirement?

Answer options

• A. Vulnerability scanner
• B. Penetration test
• C. SCAP
• D. Illumination tool

Correct answer: D

Explanation

The correct answer is D, as the Illumination tool is specifically designed for in-depth analysis of supply chain components. Options A and B, the Vulnerability scanner and Penetration test, focus on identifying security weaknesses rather than providing a full-spectrum analysis. SCAP is a framework for compliance and security, but it does not deliver the comprehensive insights needed for a supply chain evaluation.