CompTIA CASP+ (CAS-004) — Question 613

A small software company deployed a new web application after a network security scan found no vulnerabilities. A customer using this application reported malicious activity believed to be associated with the application. During an investigation, the company discovered that the customer closed the browser tab and connected to another application, using the same credentials on both platforms. Which of the following detection methods should the software company implement before deploying the next version?

Answer options

• A. Multifactor authentication
• B. Static application code scanning
• C. Stronger password policy
• D. A SIEM

Correct answer: D

Explanation

Implementing a SIEM (Security Information and Event Management) system is essential for monitoring and analyzing security events in real-time, which can help detect malicious activities across applications. While multifactor authentication, static application code scanning, and a stronger password policy are important security measures, they do not provide the same level of monitoring and incident response capabilities that a SIEM offers.