Question

In a large company, a small team of employees is tasked with conducting monthly tests of security controls. Each month, they select a small number of controls, attempt to exploit vulnerabilities, and report results to management. This is an example of:

Answer 1

The question is incomplete, the options are missing. The options are the following:

a) Vulnerability scanning.

b) Red team exercises.

c) Penetration testing.

d) Risk analysis.

And the correct answer is the option B: Red team exercises.

Step-by-step explanation:

To begin with, in the area of cybersecurity and business management the term known as "Red Team" refers to method or technique used by the larges companies in the world whose main purpose is to complete exercises of cybersecurity breaches in where the "red team" has to attack the company in order to reach for the vulnerabilities of the organization's most important systems. In that situation, a blue team is the one in charge of defending the business' information. And it is all done with the purpose of getting feedback about what the real danger could be in a situation in the reality.

Answer 2

Vulnerability scanning

Step-by-step explanation:

Vulnerability scanning is aimed at identifying and classifying system weaknesses that can be exploited in a computer network or a company system.

The vulnerabilities are reported to management and this will guide countermeasures to prevent future security breaches.

So in the scenario where a small team of employees is tasked with conducting monthly tests of security controls by selecting a small number of controls and attempting to exploit vulnerabilities, they are doing vulnerability scanning.