CompTIA SecurityX (CAS-005) — Question 211

An organization currently has IDS, firewall, and DLP systems in place. The systems administrator needs to integrate the tools in the environment to reduce response time. Which of the following should the administrator use?

Answer options

• A. SOAR
• B. CWPP
• C. XCCDF
• D. CMDB

Correct answer: A

Explanation

The correct answer is SOAR, which stands for Security Orchestration, Automation, and Response, and is designed to integrate various security tools to streamline incident response times. CWPP (Cloud Workload Protection Platform), XCCDF (Extensible Configuration Checklist Description Format), and CMDB (Configuration Management Database) do not focus on integration and automation of security systems in the same way that SOAR does.