exam questions

Exam CISSP All Questions

View all questions & answers for the CISSP exam

Exam CISSP topic 1 question 322 discussion

Actual exam question from ISC's CISSP
Question #: 322
Topic #: 1
[All CISSP Questions]

An established information technology (IT) consulting firm is considering acquiring a successful local startup. To gain a comprehensive understanding of the startup's security posture, which type of assessment provides the BEST information?

  • A. A security audit
  • B. A tabletop exercise
  • C. A penetration test
  • D. A security threat model
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
InclusiveSTEAM
4 months, 3 weeks ago
Option A. a security audit, option A, provides the best comprehensive view of the startup's security posture, not a threat model. A security audit examines policies, procedures, controls, compliance, and other organizational security factors - the most complete assessment. While a threat model evaluates application design, it lacks organizational insights. for an overall security picture of the company during Mergers and Acquisitions (M&A) due diligence, the broader scope of a security audit would deliver the most valuable and complete risk profile.
upvoted 1 times
...
l00t
1 year, 1 month ago
Selected Answer: A
comprehensive, BEST ==> go with a full audit!
upvoted 3 times
jackdryan
10 months ago
A is correct
upvoted 1 times
...
...
Jamati
1 year, 4 months ago
Selected Answer: A
Doesn't the penetration test fall under security audit?
upvoted 1 times
oudmaster
1 year, 2 months ago
They cannot do PenTest because they did not yet acquire it.
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago