Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CompTIA Exam CS0-003 Topic 6 Question 12 Discussion

Actual exam question for CompTIA's CS0-003 exam
Question #: 12
Topic #: 6
[All CS0-003 Questions]

The Chief Information Security Officer for an organization recently received approval to install a new EDR solution. Following the installation, the number of alerts that require remediation by an analyst has tripled. Which of the following should the organization utilize to best centralize the workload for the internal security team? (Select two).

Show Suggested Answer Hide Answer
Suggested Answer: A, B

SOAR (Security Orchestration, Automation and Response) and SIEM (Security Information and Event Management) are solutions that can help centralize the workload for the internal security team by collecting, correlating, and analyzing alerts from different sources, such as EDR. SOAR can also automate and streamline incident response workflows, while SIEM can provide dashboards and reports for security monitoring and compliance. Reference: What is EDR? Endpoint Detection & Response, How Does the Cyber Kill Chain Protect Against Attacks?; What is EDR Solution?, EDR solutions secure diverse endpoints through central monitoring


by Danica at Jan 26, 2024, 09:14 PM

Limited Time Offer

25%

Off

Get Premium CS0-003 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Magdalene
7 months ago
What, no NGFW option? That's like the Swiss Army knife of security tools! Though I suppose an XDR solution could also help tie everything together. Decisions, decisions...
upvoted 0 times
...
Percy
7 months ago
I dunno, an MSP might be the way to go here. Outsourcing some of that security work could really take the pressure off the internal team. Though I guess you'd have to make sure the MSP knows what they're doing, am I right?
upvoted 0 times
Cyndy
6 months ago
E) XDR
upvoted 0 times
...
Mignon
6 months ago
B) SIEM
upvoted 0 times
...
Dannette
6 months ago
That's a good point, but we should also consider implementing a SIEM solution to better manage and monitor the increased alerts.
upvoted 0 times
...
Lonna
6 months ago
I agree, using an MSP could definitely help centralized the workload and take some pressure off the internal team.
upvoted 0 times
...
Tiera
6 months ago
E) XDR
upvoted 0 times
...
Florinda
6 months ago
C) MSP
upvoted 0 times
...
Hollis
6 months ago
B) SIEM
upvoted 0 times
...
Luisa
6 months ago
A) SOAR
upvoted 0 times
...
...
Edelmira
7 months ago
Okay, let's see here. If we need to centralize the workload, I'd say a SOAR solution is a must. That'll help us automate some of those pesky remediation tasks. And a SIEM would be huge for pulling all that data together, you know?
upvoted 0 times
...
Tracey
7 months ago
Whoa, this question is a real head-scratcher! I'm not sure I'm thrilled about the EDR solution tripling the alerts, that sounds like a lot of extra work for the security team. But hey, at least they're being proactive, right?
upvoted 0 times
...

Save Cancel