CompTIA CASP+ (CAS-004) — Question 494

After a lengthy exercise manually analyzing various types of logs related to a security breach, a security team was able to tie the activity to specific employees. Which of the following should the team implement to help streamline this process moving forward?

Answer options

Correct answer: A

Explanation

The correct answer is A, UEBA (User and Entity Behavior Analytics), which uses machine learning to identify abnormal behavior patterns, making it easier to detect potential security threats linked to specific users. The other options (HSM, HIPS, XDR, and OPSEC training) serve different purposes: hardware security, intrusion prevention, extended detection and response, and awareness training, respectively. None of them specifically streamlines log analysis in the context of user behavior.