An established information technology (IT) consulting firm is considering acquiring a successful local startup. To gain a comprehensive understanding of the startup's security posture, which type of assessment provides the BEST information?
Option A.
a security audit, option A, provides the best comprehensive view of the startup's security posture, not a threat model.
A security audit examines policies, procedures, controls, compliance, and other organizational security factors - the most complete assessment.
While a threat model evaluates application design, it lacks organizational insights.
for an overall security picture of the company during Mergers and Acquisitions (M&A) due diligence, the broader scope of a security audit would deliver the most valuable and complete risk profile.
They cannot do PenTest because they did not yet acquire it.
upvoted 2 times
...
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
InclusiveSTEAM
4 months, 3 weeks agol00t
1 year, 1 month agojackdryan
10 months agoJamati
1 year, 4 months agooudmaster
1 year, 2 months ago