CompTIA CASP+ (CAS-003) — Question 314

An attacker has been compromising banking institution targets across a regional area. The Chief Information Security Officer (CISO) at a local bank wants to detect and prevent an attack before the bank becomes a victim. Which of the following actions should the CISO take?

Answer options

• A. Utilize cloud-based threat analytics to identify anomalous behavior in the company's B2B and vendor traffic
• B. Purchase a CASB solution to identify and control access to cloud-based applications and services and integrate them with on-premises legacy security monitoring
• C. Instruct a security engineer to configure the IDS to consume threat intelligence feeds from an information-sharing association in the banking sector
• D. Attend and present at the regional banking association lobbying group meetings each month and facilitate a discussion on the topic

Correct answer: C

Explanation

The correct answer is C because configuring the IDS to consume threat intelligence feeds allows the bank to proactively detect known threats and vulnerabilities specific to the banking sector. Options A and B focus on different aspects of security that do not directly address immediate threat detection. Option D, while beneficial for networking, does not provide the technical solution needed to prevent attacks.