CompTIA CASP+ (CAS-004) — Question 550

A new, online file hosting service is being offered. The service has the following security requirements:

• Threats to customer data integrity and availability should be remediated first.
• The environment should be dynamic to match increasing customer demands.
• The solution should not interfere with customers’ ability to access their data at anytime.
• Security analysts should focus on high-risk items.

Which of the following would BEST satisfy the requirements?

Answer options

• A. Expanding the use of IPS and NGFW devices throughout the environment
• B. Increasing the number of analysts to identify risks that need remediation
• C. Implementing a SOAR solution to address known threats
• D. Integrating enterprise threat feeds in the existing SIEM

Correct answer: C

Explanation

The correct answer is C, as implementing a SOAR solution allows for the automated response to known threats, thus addressing the security requirements efficiently without disrupting customer access. Options A and D, while beneficial in enhancing security, do not provide the dynamic response needed for known threats. Option B, increasing analysts, is less effective in a dynamic environment where automation can better handle threats.