CompTIA Exam CS0-003 Topic 6 Question 12 Discussion

Actual exam question for CompTIA's CS0-003 exam
Question #: 12
Topic #: 6

The Chief Information Security Officer for an organization recently received approval to install a new EDR solution. Following the installation, the number of alerts that require remediation by an analyst has tripled. Which of the following should the organization utilize to best centralize the workload for the internal security team? (Select two).

Suggested Answer: A, B

SOAR (Security Orchestration, Automation and Response) and SIEM (Security Information and Event Management) are solutions that can help centralize the workload for the internal security team by collecting, correlating, and analyzing alerts from different sources, such as EDR. SOAR can also automate and streamline incident response workflows, while SIEM can provide dashboards and reports for security monitoring and compliance.


Contribute your Thoughts:

Magdalene
8 months ago
What, no NGFW option? That's like the Swiss Army knife of security tools! Though I suppose an XDR solution could also help tie everything together. Decisions, decisions...
upvoted 0 times
...
Percy
8 months ago
I dunno, an MSP might be the way to go here. Outsourcing some of that security work could really take the pressure off the internal team. Though I guess you'd have to make sure the MSP knows what they're doing, am I right?
upvoted 0 times
Cyndy
7 months ago
E) XDR
upvoted 0 times
...
Mignon
7 months ago
B) SIEM
upvoted 0 times
...
Dannette
7 months ago
That's a good point, but we should also consider implementing a SIEM solution to better manage and monitor the increased alerts.
upvoted 0 times
...
Lonna
8 months ago
I agree, using an MSP could definitely help centralize the workload and take some pressure off the internal team.
upvoted 0 times
...
Tiera
8 months ago
E) XDR
upvoted 0 times
...
Florinda
8 months ago
C) MSP
upvoted 0 times
...
Hollis
8 months ago
B) SIEM
upvoted 0 times
...
Luisa
8 months ago
A) SOAR
upvoted 0 times
...
...
Edelmira
8 months ago
Okay, let's see here. If we need to centralize the workload, I'd say a SOAR solution is a must. That'll help us automate some of those pesky remediation tasks. And a SIEM would be huge for pulling all that data together, you know?
upvoted 0 times
...
Tracey
8 months ago
Whoa, this question is a real head-scratcher! I'm not sure I'm thrilled about the EDR solution tripling the alerts, that sounds like a lot of extra work for the security team. But hey, at least they're being proactive, right?
upvoted 0 times
...
