CompTIA SecurityX (CAS-005) — Question 1

IoCs were missed during a recent security incident due to the reliance on a signature-based detection platform. A security engineer must recommend a solution that can be implemented to address this shortcoming. Which of the following would be the most appropriate recommendation?

Answer options

Correct answer: D

Explanation

CSPM (Cloud Security Posture Management) is designed to enhance security by continuously monitoring cloud environments for compliance and potential threats, which addresses the limitations of signature-based detection. Other options, such as FIM (File Integrity Monitoring) and UEBA (User and Entity Behavior Analytics), focus on different aspects of security that may not directly counteract the specific shortcoming of missing IoCs. SASE and EAP are not directly relevant to the detection and remediation of IoCs.