CompTIA Exam CS0-003 Topic 6 Question 12 Discussion

Actual exam question for CompTIA's CS0-003 exam
Question #: 12
Topic #: 6

The Chief Information Security Officer for an organization recently received approval to install a new EDR solution. Following the installation, the number of alerts that require remediation by an analyst has tripled. Which of the following should the organization utilize to best centralize the workload for the internal security team? (Select two).

Suggested Answer: A, B

SOAR (Security Orchestration, Automation and Response) and SIEM (Security Information and Event Management) are solutions that can help centralize the workload for the internal security team by collecting, correlating, and analyzing alerts from different sources, such as EDR. SOAR can also automate and streamline incident response workflows, while SIEM can provide dashboards and reports for security monitoring and compliance.

Reference: What is EDR? Endpoint Detection & Response, How Does the Cyber Kill Chain Protect Against Attacks?; What is EDR Solution?, EDR solutions secure diverse endpoints through central monitoring


Contribute your Thoughts:

Magdalene
8 days ago
What, no NGFW option? That's like the Swiss Army knife of security tools! Though I suppose an XDR solution could also help tie everything together. Decisions, decisions...
upvoted 0 times
Percy
9 days ago
I dunno, an MSP might be the way to go here. Outsourcing some of that security work could really take the pressure off the internal team. Though I guess you'd have to make sure the MSP knows what they're doing, am I right?
upvoted 0 times
Edelmira
10 days ago
Okay, let's see here. If we need to centralize the workload, I'd say a SOAR solution is a must. That'll help us automate some of those pesky remediation tasks. And a SIEM would be huge for pulling all that data together, you know?
upvoted 0 times
Tracey
11 days ago
Whoa, this question is a real head-scratcher! I'm not sure I'm thrilled about the EDR solution tripling the alerts, that sounds like a lot of extra work for the security team. But hey, at least they're being proactive, right?
upvoted 0 times