CompTIA SecurityX (CAS-005) — Question 215
A new, online file hosting service is being offered. The service has the following security requirements:
• Threats to customer data integrity and availability should be remediated first.
• The environment should be dynamic to match increasing customer demands.
• The solution should not interfere with customers’ ability to access their data at any time.
• Security analysts should focus on high-risk items.
Which of the following would best satisfy the requirements?
Answer options
- A. Expanding the use of IPS and NGFW devices throughout the environment
- B. Increasing the number of analysts to identify risks that need remediation
- C. Implementing a SOAR solution to address known threats
- D. Integrating enterprise threat feeds in the existing SIEM
Correct answer: C
Explanation
Implementing a SOAR solution is the best choice because it automates the response to known threats, which aligns with the need to prioritize data integrity and availability. Expanding the use of IPS and NGFW devices may improve security, but it does not directly address the dynamic nature of the service or the need for analyst focus. Increasing the number of analysts could help, but it does not resolve threats or adapt to customer demands as efficiently as a SOAR solution. Integrating threat feeds into the existing SIEM is beneficial, but it does not provide the same level of proactive threat management.