The Chief Information Security Officer (CISO) has outlined a five-year plan for the company that includes the following: • Implement an application security program. • Reduce the click rate on phishing simulations from 73% to 8%. • Deploy EDR to all workstations and servers. • Ensure all systems are sending logs to the SIEM. • Reduce the percentage of systems with vulnerabilities from 89% to 5%. Which of the following would BEST aid the CISO in determining whether these goals are obtainable? A. An asset inventory B. A third-party audit C. A risk assessment D. An organizational CMMI Suggested Answer: D Community Answer: C This question is in CAS-004 CompTIA Advanced Security Practitioner (CASP+) Exam For getting CompTIA Advanced Security Practitioner (CASP+) Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by CompTIA. Trademarks, certification & product names are used for reference only and belong to CompTIA. The website does not contain actual questions and answers from CompTIA's Certification Exams.
Please login or Register to submit your answer