CompTIA SecurityX (CAS-005) — Question 114
A security engineer is developing a solution to meet the following requirements:
• All endpoints should be able to establish telemetry with a SIEM.
• All endpoints should be able to be integrated into the XDR platform.
• SOC services should be able to monitor the XDR platform.
Which of the following should the security engineer implement to meet the requirements? (Choose two.)
Answer options
- A. EDR
- B. HIDS
- C. Web application firewall
- D. Central logging
- E. Host-based firewall
- F. TPM
Correct answer: A, D
Explanation
The correct answers are EDR and central logging. EDR (Endpoint Detection and Response) provides telemetry to a SIEM and integrates with XDR platforms, while central logging enables SOC services to monitor the XDR platform. HIDS, web application firewalls, host-based firewalls, and TPM do not provide the same level of integration or monitoring capabilities as the selected options.