A newly hired security analyst has joined an established SOC team. Not long after going through corporate orientation, a new attack method on web-based applications was publicly revealed. The security analyst immediately brings this new information to the team lead, but the team lead is not concerned about it.
Which of the following is the MOST likely reason for the team lead’s position?
A. The organization has accepted the risks associated with web-based threats.
B. The attack type does not meet the organization’s threat model.
C. Web-based applications are on isolated network segments.
D. Corporate policy states that NIPS signatures must be updated every hour.
How to PASS CAS-004 in First Attempt?FULL Printable PDF and Software. VALID exam to help you PASS. |
 |
A
A&C essentially say the same thing, but A is more accurate from an RMF perspective. if all web-based apps are isolated, then it makes sense the company has accepted the risk.
B. NO – just because a threat isn’t in a company’s threat model doesn’t mean they shouldn’t act on it. In many cases it’ll be required for regulatory compliance.
D. is irrelevant to this question.
B. The attack type does not meet the organization’s threat model.
B. The attack type does not meet the organization’s threat model.
There is no mention whether this company has Web App or not. All other answers are assumptions.
it’s not a concern because it has been mitigated or avoided. there is only one answer that satisfies avoidance or mitigation of this risk.
I don’t think it’s A – More likely, the attack type doesn’t meet the organization’s threat model. – B
I agree with your assessment. Why would the company outright accept all the the risk associated with web-based threats without proper investigation and mitigation attempts.