hiexam
comptia · CS0-003 · Q428 · multiple_choice · topic_1

An analyst recommends that an EDR agent collect the source IP address, make a connection to the firewall, and create a policy to block the malicious source IP address across the entire network automatically. Which of the following is the best option to help the analyst implement this recommendation?
  • A. SOAR
  • B. SIEM
  • C. SLA
  • D. IoC
Explanation
Selected Answer: A (Correct)

SOAR (Security Orchestration, Automation, and Response) is a technology that allows organizations to automate and streamline their security processes. It enables security teams to define and automate workflows, including tasks like threat detection, incident response, and remediation.

Reference: examtopics_top_comment
