CompTIA CASP+ (CAS-004) — Question 25
A company has hired a security architect to address several service outages on the endpoints due to new malware. The Chief Executive Officer's laptop was impacted while working from home. The goal is to prevent further endpoint disruption. The edge network is protected by a web proxy.
Which of the following solutions should the security architect recommend?
Answer options
- A. Replace the current antivirus with an EDR solution.
- B. Remove the web proxy and install a UTM appliance.
- C. Implement a deny list feature on the endpoints.
- D. Add a firewall module on the current antivirus solution.
Correct answer: A
Explanation
The correct answer is A. An EDR (Endpoint Detection and Response) solution provides the advanced threat detection and response capabilities needed to address sophisticated malware, and because it runs on the endpoint itself, its protection follows a laptop that is used from home, away from the network edge. The other options either do not provide the necessary level of protection or could introduce additional complexity without effectively mitigating the malware threat.