CompTIA CASP+ (CAS-004) — Question 617

During a phishing exercise, a few privileged users ranked high on the failure list. The enterprise would like to ensure that privileged users have an extra security- monitoring control in place. Which of the following is the MOST likely solution?

Answer options

• A. A WAF to protect web traffic
• B. User and entity behavior analytics
• C. Requirements to change the local password
• D. A gap analysis

Correct answer: B

Explanation

User and entity behavior analytics (UEBA) is the most appropriate solution as it helps identify abnormal behavior among privileged users, enabling organizations to monitor and respond to potential security threats effectively. A WAF primarily focuses on web traffic protection, while password change requirements and gap analysis do not provide real-time monitoring or behavioral insights.