# CS0-003 — Question 428

**Type:** multiple_choice
**Topics:** topic_1

## Question

An analyst recommends that an EDR agent collect the source IP address, make a connection to the firewall, and create a policy to block the malicious source IP address across the entire network automatically. Which of the following is the best option to help the analyst implement this recommendation?

## Correct Answer

_See scenario._

## Explanation

Selected Answer: A
Correct
SOAR (Security Orchestration, Automation, and Response) is a technology that allows organizations to automate and streamline their security processes. It enables security teams to define and automate workflows, including tasks like threat detection, incident response, and remediation.

**Reference:** examtopics_top_comment

---
Source: https://hiexam.net/q/comptia/CS0-003/428  
Practice (tracked): https://hiexam.net/study/CS0-003/practice