CompTIA Exam CS0-003 Topic 6 Question 12 Discussion

Actual exam question for CompTIA's CS0-003 exam
Question #: 12
Topic #: 6

The Chief Information Security Officer for an organization recently received approval to install a new EDR solution. Following the installation, the number of alerts that require remediation by an analyst has tripled. Which of the following should the organization utilize to best centralize the workload for the internal security team? (Select two).

Suggested Answer: A, B

SOAR (Security Orchestration, Automation and Response) and SIEM (Security Information and Event Management) are solutions that can help centralize the workload for the internal security team by collecting, correlating, and analyzing alerts from different sources, such as EDR. SOAR can also automate and streamline incident response workflows, while SIEM can provide dashboards and reports for security monitoring and compliance.

Reference: What is EDR? Endpoint Detection & Response, How Does the Cyber Kill Chain Protect Against Attacks?; What is EDR Solution?, EDR solutions secure diverse endpoints through central monitoring


Contribute your Thoughts:

Magdalene
1 year ago
What, no NGFW option? That's like the Swiss Army knife of security tools! Though I suppose an XDR solution could also help tie everything together. Decisions, decisions...
upvoted 0 times
...
Percy
1 year ago
I dunno, an MSP might be the way to go here. Outsourcing some of that security work could really take the pressure off the internal team. Though I guess you'd have to make sure the MSP knows what they're doing, am I right?
upvoted 0 times
Cyndy
11 months ago
E) XDR
upvoted 0 times
...
Mignon
11 months ago
B) SIEM
upvoted 0 times
...
Dannette
11 months ago
That's a good point, but we should also consider implementing a SIEM solution to better manage and monitor the increased alerts.
upvoted 0 times
...
Lonna
12 months ago
I agree, using an MSP could definitely help centralize the workload and take some pressure off the internal team.
upvoted 0 times
...
Tiera
12 months ago
E) XDR
upvoted 0 times
...
Florinda
12 months ago
C) MSP
upvoted 0 times
...
Hollis
12 months ago
B) SIEM
upvoted 0 times
...
Luisa
12 months ago
A) SOAR
upvoted 0 times
...
...
Edelmira
1 year ago
Okay, let's see here. If we need to centralize the workload, I'd say a SOAR solution is a must. That'll help us automate some of those pesky remediation tasks. And a SIEM would be huge for pulling all that data together, you know?
upvoted 0 times
...
Tracey
1 year ago
Whoa, this question is a real head-scratcher! I'm not sure I'm thrilled about the EDR solution tripling the alerts, that sounds like a lot of extra work for the security team. But hey, at least they're being proactive, right?
upvoted 0 times
...