CompTIA SecurityX (CAS-005) — Question 139

An organization would like to increase the effectiveness of its incident response process across its multiplatform environment. A security engineer needs to implement the improvements using the organization's existing incident response tools. Which of the following should the security engineer use?

Answer options

• A. Playbooks
• B. Event collectors
• C. Centralized logging
• D. Endpoint detection

Correct answer: A

Explanation

Playbooks provide structured procedures for handling incidents, allowing for consistent and efficient responses across different scenarios. While event collectors, centralized logging, and endpoint detection are important components of an incident response strategy, they do not specifically focus on the procedural enhancements that playbooks offer for improving response effectiveness.