CompTIA CASP+ (CAS-003) — Question 166

After several industry competitors suffered data loss as a result of cyberattacks, the Chief Operating Officer (COO) of a company reached out to the information security manager to review the organization's security stance. As a result of the discussion, the COO wants the organization to meet the following criteria:
✑ Blocking of suspicious websites
✑ Prevention of attacks based on threat intelligence
✑ Reduction in spam
✑ Identity-based reporting to meet regulatory compliance
✑ Prevention of viruses based on signature
✑ Protect applications from web-based threats
Which of the following would be the BEST recommendation the information security manager could make?

Answer options

• A. Reconfigure existing IPS resources
• B. Implement a WAF
• C. Deploy a SIEM solution
• D. Deploy a UTM solution
• E. Implement an EDR platform

Correct answer: D

Explanation

The best recommendation is to deploy a UTM solution because it integrates multiple security features, including web filtering, antivirus, intrusion detection/prevention, and spam filtering, addressing all the COO's security criteria. Other options, like a WAF or SIEM, may cover some aspects but do not provide the comprehensive protection needed against the specified threats.