Certified Network Defender (CND) — Question 145

Which of the following things need to be identified during attack surface visualization?

Answer options

• A. Attacker’s tools, techniques, and procedures
• B. Authentication, authorization, and auditing in networks
• C. Regulatory frameworks, standards and, procedures for organizations
• D. Assets, topologies, and policies of the organization

Correct answer: D

Explanation

The correct answer, D, is essential because understanding the organization's assets, their configurations, and associated policies is crucial for identifying potential vulnerabilities. Options A, B, and C focus on aspects that, while important in security, do not directly pertain to the visualization of the attack surface itself.