A company is looking to assess their network's security posture to ensure compliance with industry best practices and to uncover potential weaknesses before they are exploited. What is the BEST approach to comprehensively evaluate the company's current network security measures and readiness against an attack?
Implementing an Intrusion Detection System (IDS) to monitor network traffic for suspicious activity
Performing a routine security risk assessment to evaluate control implementation
Conducting a vulnerability scan to identify all the known vulnerabilities within the network
Performing a penetration test to simulate a cyber attack scenario and identify response effectiveness