CompTIA CASP+ (CAS-004) — Question 404

An analyst determined that the current process for manually handling phishing attacks within the company is ineffective. The analyst is developing a new process to ensure phishing attempts are handled internally in an appropriate and timely manner. One of the analyst's requirements is that a blocklist be updated automatically when phishing attempts are identified. Which of the following would help satisfy this requirement?

Answer options

• A. SOAR
• B. MSSP
• C. Containerization
• D. Virtualization
• E. MDR deployment

Correct answer: A

Explanation

The correct answer is A, SOAR (Security Orchestration, Automation, and Response), which automates the updating of blocklists in response to identified phishing attempts. The other options, such as MSSP (Managed Security Service Provider), Containerization, Virtualization, and MDR (Managed Detection and Response) deployment, do not specifically focus on automating the response to phishing threats in the same way that SOAR does.